We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-56617

cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU



Description

In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU Commit 5944ce092b97 ("arch_topology: Build cacheinfo from primary CPU") adds functionality that architectures can use to optionally allocate and build cacheinfo early during boot. Commit 6539cffa9495 ("cacheinfo: Add arch specific early level initializer") lets secondary CPUs correct (and reallocate memory) cacheinfo data if needed. If the early build functionality is not used and cacheinfo does not need correction, memory for cacheinfo is never allocated. x86 does not use the early build functionality. Consequently, during the cacheinfo CPU hotplug callback, last_level_cache_is_valid() attempts to dereference a NULL pointer: BUG: kernel NULL pointer dereference, address: 0000000000000100 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not present page PGD 0 P4D 0 Oops: 0000 [#1] PREEPMT SMP NOPTI CPU: 0 PID 19 Comm: cpuhp/0 Not tainted 6.4.0-rc2 #1 RIP: 0010: last_level_cache_is_valid+0x95/0xe0a Allocate memory for cacheinfo during the cacheinfo CPU hotplug callback if not done earlier. Moreover, before determining the validity of the last-level cache info, ensure that it has been allocated. Simply checking for non-zero cache_leaves() is not sufficient, as some architectures (e.g., Intel processors) have non-zero cache_leaves() before allocation. Dereferencing NULL cacheinfo can occur in update_per_cpu_data_slice_size(). This function iterates over all online CPUs. However, a CPU may have come online recently, but its cacheinfo may not have been allocated yet. While here, remove an unnecessary indentation in allocate_cache_info(). [ bp: Massage. ]

Reserved 2024-12-27 | Published 2024-12-27 | Updated 2025-01-20 | Assigner Linux

Product status

Default status
unaffected

6539cffa94957241c096099a57d05fa4d8c7db8a before 23b5908b11b77ff8d7b8f7b8f11cbab2e1f4bfc2
affected

6539cffa94957241c096099a57d05fa4d8c7db8a before 95e197354e0de07e9a20819bdae6562e4dda0f20
affected

6539cffa94957241c096099a57d05fa4d8c7db8a before b3fce429a1e030b50c1c91351d69b8667eef627b
affected

Default status
affected

6.4
affected

Any version before 6.4
unaffected

6.6.66
unaffected

6.12.5
unaffected

6.13
unaffected

References

git.kernel.org/...c/23b5908b11b77ff8d7b8f7b8f11cbab2e1f4bfc2

git.kernel.org/...c/95e197354e0de07e9a20819bdae6562e4dda0f20

git.kernel.org/...c/b3fce429a1e030b50c1c91351d69b8667eef627b

cve.org (CVE-2024-56617)

nvd.nist.gov (CVE-2024-56617)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-56617

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.