Vulnerabilities > CVE-2024-50192 - Unspecified vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
HIGH Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v4: Don't allow a VMOVP on a dying VPE Kunkun Jiang reported that there is a small window of opportunity for userspace to force a change of affinity for a VPE while the VPE has already been unmapped, but the corresponding doorbell interrupt still visible in /proc/irq/. Plug the race by checking the value of vmapp_count, which tracks whether the VPE is mapped ot not, and returning an error in this case. This involves making vmapp_count common to both GICv4.1 and its v4.0 ancestor.
Vulnerable Configurations
References
- https://git.kernel.org/stable/c/b7d7b7fc876f836f40bf48a87e07ea18756ba196
- https://git.kernel.org/stable/c/755b9532c885b8761fb135fedcd705e21e61cccb
- https://git.kernel.org/stable/c/64b12b061c5488e2d69e67c4eaae5da64fd30bfe
- https://git.kernel.org/stable/c/01282ab5182f85e42234df2ff42f0ce790f465ff
- https://git.kernel.org/stable/c/d960505a869e66184fff97fb334980a5b797c7c6
- https://git.kernel.org/stable/c/1442ee0011983f0c5c4b92380e6853afb513841a