Bug 1223009 (CVE-2024-26823)

Summary: VUL-0: CVE-2024-26823: kernel: irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems
Product: [Novell Products] SUSE Security Incidents Reporter: SMASH SMASH <smash_bz>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: gianluca.gabrielli
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/402311/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-26823:5.5:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description SMASH SMASH 2024-04-18 07:09:29 UTC 
In the Linux kernel, the following vulnerability has been resolved:

irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems

While refactoring the way the ITSs are probed, the handling of quirks
applicable to ACPI-based platforms was lost. As a result, systems such as
HIP07 lose their GICv4 functionnality, and some other may even fail to
boot, unless they are configured to boot with DT.

Move the enabling of quirks into its_probe_one(), making it common to all
firmware implementations.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26823
https://www.cve.org/CVERecord?id=CVE-2024-26823
https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00
https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a
https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-26823.mbox
https://bugzilla.redhat.com/show_bug.cgi?id=2275611