PT-2025-3664 · Linux+6 · Linux Kernel+6
Nam Cao · Published 2024-11-18 · Updated 2026-03-14 · CVE-2024-57939
CVSS v3.1: 5.5 Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.74
Description
The issue affects the riscv architecture code of the Linux kernel. die() is called from an exception handler, a context that cannot sleep. However, die() uses a spinlock_t, which can sleep when PREEMPT_RT is enabled, so the kernel emits a warning that a sleeping function was called from an invalid context. The fix switches die() to a raw_spinlock_t, which does not sleep even with PREEMPT_RT enabled.
Recommendations
To resolve the issue, update to Linux kernel version 6.6.74 or later. As a temporary workaround, consider disabling the PREEMPT_RT feature until a patch is available. Restrict access to the vulnerable die() function to minimize the risk of exploitation. Avoid using the spinlock_t variable in the affected API endpoint until the issue is resolved.
Exploit
Fix
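A triage check for the conditions this entry names (riscv, PREEMPT_RT enabled, kernel older than 6.6.74), as an added example that is not kernel or vendor code. The function names and the /boot/config-<release> location are assumptions, and the numeric comparison does not account for distribution backports.

```shell
#!/bin/sh
# Added example (not kernel or vendor code). FIXED_VERSION is the fixed
# release stated on this page; the comparison is purely numeric and does not
# account for distribution backports or other stable branches.
FIXED_VERSION="6.6.74"

# version_lt A B: succeed if release A is numerically lower than B.
# Suffixes such as "-rt15-riscv64" are ignored; missing fields count as 0.
version_lt() {
    IFS=. read -r a1 a2 a3 rest <<EOF
${1%%[!0-9.]*}
EOF
    IFS=. read -r b1 b2 b3 rest <<EOF
${2%%[!0-9.]*}
EOF
    for pair in "${a1:-0}:${b1:-0}" "${a2:-0}:${b2:-0}" "${a3:-0}:${b3:-0}"; do
        if [ "${pair%%:*}" -lt "${pair##*:}" ]; then return 0; fi
        if [ "${pair%%:*}" -gt "${pair##*:}" ]; then return 1; fi
    done
    return 1    # equal versions are not "lower"
}

# has_preempt_rt FILE: succeed if the (optionally gzipped) config sets CONFIG_PREEMPT_RT=y.
has_preempt_rt() {
    case $1 in
        *.gz) gzip -dc "$1" ;;
        *)    cat "$1" ;;
    esac 2>/dev/null | grep -qx 'CONFIG_PREEMPT_RT=y'
}

# assess RELEASE ARCH CONFIG: print one verdict line for a host.
assess() {
    case $2 in
        riscv32|riscv64) ;;
        *) echo "not-applicable: architecture $2"; return 0 ;;
    esac
    if [ ! -r "$3" ]; then echo "unknown: cannot read $3"; return 0; fi
    if ! has_preempt_rt "$3"; then
        echo "not-applicable: PREEMPT_RT disabled"; return 0
    fi
    if version_lt "$1" "$FIXED_VERSION"; then
        echo "affected: $1 is older than $FIXED_VERSION"
    else
        echo "fixed: $1"
    fi
}

# Live host by default (assumed config path); pass RELEASE ARCH CONFIG to assess another system.
assess "${1:-$(uname -r)}" "${2:-$(uname -m)}" "${3:-/boot/config-$(uname -r)}"
```

An "affected" verdict on a distribution kernel should be confirmed against the vendor's advisory, since the fix may have been backported under an older version number.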
Improper Locking
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Ubuntu