PT-2024-8226 · Linux+5 · Linux Kernel+5

Published

2024-03-13

Updated

2025-03-28

CVE-2024-35806

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue is related to the Linux kernel's qbman component, where interrupts are not properly disabled when taking the cgr lock, potentially leading to deadlocks. The smp call function single function disables IRQs when executing the callback, and this behavior should be consistent elsewhere. The qman update cgr and qman delete cgr functions already disable IRQs, but other lockers do not. This could allow an attacker to cause a denial of service.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

BDU:2024-09770

CVE-2024-35806

DLA-3840-1

DLA-3842-1

OESA-2024-1677

OESA-2024-1678

OESA-2024-1680

OESA-2024-1681

OESA-2024-1682

SUSE-SU-2024:2008-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2135-1

SUSE-SU-2024:2190-1

SUSE-SU-2024:2203-1

SUSE-SU-2024:2892-1

SUSE-SU-2024:2901-1

SUSE-SU-2024:2940-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

SUSE-SU-2025:20166-1

SUSE-SU-2025:20249-1

USN-6816-1

USN-6817-1

USN-6817-2

USN-6817-3

USN-6878-1

USN-6896-1

USN-6896-2

USN-6896-3

USN-6896-4

USN-6896-5

USN-6898-1

USN-6898-2

USN-6898-3

USN-6898-4

USN-6917-1

USN-6919-1

USN-6927-1

USN-7019-1

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

PT-2024-8226 · Linux+5 · Linux Kernel+5

CVE-2024-35806

Weakness Enumeration

Related Identifiers

Affected Products

References · 4459