0.0
NA
CVE-2024-46839
Linux Kernel Workqueue NMI Watchdog races in Multi-CPU Stop
Description

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

INFO

Published Date :

Sept. 27, 2024, 1:15 p.m.

Last Modified :

Oct. 1, 2024, 2:15 p.m.

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Remotely Exploitable :

No

Impact Score :

Exploitability Score :

Affected Products

The following products are affected by CVE-2024-46839 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linux linux_kernel
: Total Affected Vendor : 1 | Products : 1

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-46839 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2024-46839 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Translated by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Oct. 01, 2024

    Action Type Old Value New Value
    Removed Translation Title: kernel de Linux Description: En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: workqueue: Mejorar la escalabilidad del watchdog de workqueue touch En un sistema powerpc de ~2000 CPU, se han observado bloqueos duros en el código de workqueue cuando se ejecuta stop_machine (en este caso debido a la conexión en caliente de la CPU). Esto se debe a que muchas CPU giran en multi_cpu_stop, llamando a touch_nmi_watchdog() que termina llamando a wq_watchdog_touch(). wq_watchdog_touch() escribe en la variable global wq_watchdog_touched, y esta puede encontrarse en la misma línea de caché que otros datos importantes de workqueue, lo que ralentiza las operaciones hasta el punto de bloquearse. En el caso del siguiente seguimiento abreviado, worker_pool_idr estaba en la línea directa, lo que hacía que los bloqueos siempre aparecieran en idr_find. watchdog: CPU 1125 autodetectó BLOQUEO duro @ idr_find Seguimiento de llamadas: get_work_pool __queue_work call_timer_fn run_timer_softirq __do_softirq do_softirq_own_stack irq_exit timer_interrupt decrementer_common_virt * interrupción: 900 (temporizador) en multi_cpu_stop multi_cpu_stop cpu_stopper_thread smpboot_thread_fn kthread Solucione esto haciendo que wq_watchdog_touch() solo escriba en la línea si la última vez que se registró un toque excede 1/4 del umbral del watchdog.
  • CVE Rejected by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Oct. 01, 2024

    Action Type Old Value New Value
  • CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Oct. 01, 2024

    Action Type Old Value New Value
    Changed Description In the Linux kernel, the following vulnerability has been resolved: workqueue: Improve scalability of workqueue watchdog touch On a ~2000 CPU powerpc system, hard lockups have been observed in the workqueue code when stop_machine runs (in this case due to CPU hotplug). This is due to lots of CPUs spinning in multi_cpu_stop, calling touch_nmi_watchdog() which ends up calling wq_watchdog_touch(). wq_watchdog_touch() writes to the global variable wq_watchdog_touched, and that can find itself in the same cacheline as other important workqueue data, which slows down operations to the point of lockups. In the case of the following abridged trace, worker_pool_idr was in the hot line, causing the lockups to always appear at idr_find. watchdog: CPU 1125 self-detected hard LOCKUP @ idr_find Call Trace: get_work_pool __queue_work call_timer_fn run_timer_softirq __do_softirq do_softirq_own_stack irq_exit timer_interrupt decrementer_common_virt * interrupt: 900 (timer) at multi_cpu_stop multi_cpu_stop cpu_stopper_thread smpboot_thread_fn kthread Fix this by having wq_watchdog_touch() only write to the line if the last time a touch was recorded exceeds 1/4 of the watchdog threshold. Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
    Removed Reference kernel.org https://git.kernel.org/stable/c/9d08fce64dd77f42e2361a4818dbc4b50f3c7dad
    Removed Reference kernel.org https://git.kernel.org/stable/c/a2abd35e7dc55bf9ed01e2b3481fa78e086d3bf4
    Removed Reference kernel.org https://git.kernel.org/stable/c/241bce1c757d0587721512296952e6bba69631ed
    Removed Reference kernel.org https://git.kernel.org/stable/c/da5f374103a1e0881bbd35847dc57b04ac155eb0
    Removed Reference kernel.org https://git.kernel.org/stable/c/98f887f820c993e05a12e8aa816c80b8661d4c87
  • CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Sep. 27, 2024

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: workqueue: Improve scalability of workqueue watchdog touch On a ~2000 CPU powerpc system, hard lockups have been observed in the workqueue code when stop_machine runs (in this case due to CPU hotplug). This is due to lots of CPUs spinning in multi_cpu_stop, calling touch_nmi_watchdog() which ends up calling wq_watchdog_touch(). wq_watchdog_touch() writes to the global variable wq_watchdog_touched, and that can find itself in the same cacheline as other important workqueue data, which slows down operations to the point of lockups. In the case of the following abridged trace, worker_pool_idr was in the hot line, causing the lockups to always appear at idr_find. watchdog: CPU 1125 self-detected hard LOCKUP @ idr_find Call Trace: get_work_pool __queue_work call_timer_fn run_timer_softirq __do_softirq do_softirq_own_stack irq_exit timer_interrupt decrementer_common_virt * interrupt: 900 (timer) at multi_cpu_stop multi_cpu_stop cpu_stopper_thread smpboot_thread_fn kthread Fix this by having wq_watchdog_touch() only write to the line if the last time a touch was recorded exceeds 1/4 of the watchdog threshold.
    Added Reference kernel.org https://git.kernel.org/stable/c/9d08fce64dd77f42e2361a4818dbc4b50f3c7dad [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/a2abd35e7dc55bf9ed01e2b3481fa78e086d3bf4 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/241bce1c757d0587721512296952e6bba69631ed [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/da5f374103a1e0881bbd35847dc57b04ac155eb0 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/98f887f820c993e05a12e8aa816c80b8661d4c87 [No types assigned]
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-46839 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-46839 weaknesses.

NONE - Vulnerability Scoring System
: