PT-2024-8430 · Linux+9 · Linux Kernel+9
Kai-Heng Feng
·
Published
2024-03-05
·
Updated
2025-09-29
·
CVE-2024-35809
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A race condition between the
.runtime idle() callback and the .remove() callback in the rtsx pcr PCI driver leads to a kernel crash due to an unhandled page fault. The problem is that rtsx pci runtime idle() is not expected to be running after pm runtime get sync() has been called, but the latter doesn't really guarantee that. To address this race condition, one way is to call pm runtime barrier() after pm runtime get sync() to wait for the .runtime idle() callback to complete should it be running at that point.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu