ghsa-333m-q4jm-qjq4
Vulnerability from github
Published
2024-10-21 15:32
Modified
2024-10-23 18:33
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details

In the Linux kernel, the following vulnerability has been resolved:

x86/sgx: Fix deadlock in SGX NUMA node search

When the current node doesn't have an EPC section configured by firmware and all other EPC sections are used up, CPU can get stuck inside the while loop that looks for an available EPC page from remote nodes indefinitely, leading to a soft lockup. Note how nid_of_current will never be equal to nid in that while loop because nid_of_current is not set in sgx_numa_mask.

Also worth mentioning is that it's perfectly fine for the firmware not to setup an EPC section on a node. While setting up an EPC section on each node can enhance performance, it is not a requirement for functionality.

Rework the loop to start and end on a node that has SGX memory. This avoids the deadlock looking for the current SGX-lacking node to show up in the loop when it never will.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2024-49856"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-21T13:15:06Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sgx: Fix deadlock in SGX NUMA node search\n\nWhen the current node doesn\u0027t have an EPC section configured by firmware\nand all other EPC sections are used up, CPU can get stuck inside the\nwhile loop that looks for an available EPC page from remote nodes\nindefinitely, leading to a soft lockup. Note how nid_of_current will\nnever be equal to nid in that while loop because nid_of_current is not\nset in sgx_numa_mask.\n\nAlso worth mentioning is that it\u0027s perfectly fine for the firmware not\nto setup an EPC section on a node. While setting up an EPC section on\neach node can enhance performance, it is not a requirement for\nfunctionality.\n\nRework the loop to start and end on *a* node that has SGX memory. This\navoids the deadlock looking for the current SGX-lacking node to show up\nin the loop when it never will.",
  "id": "GHSA-333m-q4jm-qjq4",
  "modified": "2024-10-23T18:33:07Z",
  "published": "2024-10-21T15:32:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49856"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0f89fb4042c08fd143bfc28af08bf6c8a0197eea"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/20c96d0aaabfe361fc2a11c173968dc67feadbbf"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/40fb64257dab507d86b5f1f2a62f3669ef0c91a8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8132510c915815e6b537ab937d94ed66893bc7b8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9c936844010466535bd46ea4ce4656ef17653644"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fb2d057539eda67ec7cfc369bf587e6518a9b99d"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.