Bugzilla – Bug 1220336
VUL-0: CVE-2024-26605: kernel: PCI/ASPM: deadlock when enabling ASPM
Last modified: 2024-06-25 18:12:16 UTC
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM The Linux kernel CVE team has assigned CVE-2024-26605 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024022419-CVE-2024-26605-7b06@gregkh/T/#u References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26605 https://bugzilla.redhat.com/show_bug.cgi?id=2265831
cve/linux-5.14 is affected. SLE15-SP6, stable and master are already fixed.
FTR the fix is: commit 1e560864159d002b453da42bd2c13a1805515a20 Author: Johan Hovold <johan+linaro@kernel.org> Date: Tue Jan 30 11:02:43 2024 +0100 PCI/ASPM: Fix deadlock when enabling ASPM
FTR Fixes: f93e71aea6c6 ("Revert "PCI/ASPM: Remove pcie_aspm_pm_state_change()"") from v6.7. Despite cve-5.14 has that, qcom in there does NOT support ASPM (added in 9f4f3dfad8cf (PCI: qcom: Enable ASPM for platforms supporting 1.9.0 ops)). So: (In reply to Carlos López from comment #1) > cve/linux-5.14 is affected. This is not affected. > SLE15-SP6, stable And I added references here.
(In reply to Jiri Slaby from comment #4) > FTR > Fixes: f93e71aea6c6 ("Revert "PCI/ASPM: Remove pcie_aspm_pm_state_change()"") > from v6.7. Despite cve-5.14 has that, qcom in there does NOT support ASPM > (added in 9f4f3dfad8cf (PCI: qcom: Enable ASPM for platforms supporting > 1.9.0 ops)). > > So: > (In reply to Carlos López from comment #1) > > cve/linux-5.14 is affected. > > This is not affected. Thanks for checking, I've updated the tracking
All done, closing.