CVE-2024-26812

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability exists in the Linux kernel where the eventfd for INTx signaling can be deconfigured, which unregisters the IRQ handler but still allows eventfds to be signaled with a NULL context through the SET IRQS ioctl or through unmask irqfd if the device interrupt is pending. This issue can be solved with additional locking, but the current solution moves configuration of the INTx interrupt handler to track the lifetime of the INTx context object and irq type configuration. Synchronization is added between the ioctl path and eventfd signal() wrapper to dynamically update the eventfd trigger relative to in-flight interrupts or irqfd callbacks. The vulnerability may allow an attacker to cause a denial of service (DoS).

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.