PT-2024-7738 · Linux+9 · Linux Kernel+9
Reinette Chatre
·
Published
2024-02-19
·
Updated
2025-09-29
·
CVE-2024-26810
CVSS v2.0
4.6
Medium
| Vector | AV:L/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is related to a synchronization problem in the Linux kernel's vfio component, which can cause a race condition between interrupt configuration changes via ioctl and mask operations through config space changes to DisINTx. This can lead to an interruption configuration change when DisINTx is cleared from config space. The problem is resolved by creating wrappers that add locking for paths outside of the core interrupt code, ensuring that irq type is updated while holding igate, and testing is intx() requires holding igate.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Race Condition
Improper Locking
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu