SB20241230183 - Improper locking in Linux kernel include asm
Published: December 30, 2024 Updated: May 11, 2025
Security Bulletin ID
SB20241230183
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2024-56701)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dtl_worker_enable() and dtl_worker_disable() functions in arch/powerpc/platforms/pseries/lpar.c, within the dtl_enable() and dtl_disable() functions in arch/powerpc/platforms/pseries/dtl.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/525e18f1ba7c2b098c8ba587fb397efb34a6574c
- https://git.kernel.org/stable/c/6956c0e7346ce1bbfc726755aa8da10d26e84276
- https://git.kernel.org/stable/c/a246daa26b717e755ccc9061f47f7cd1c0b358dd
- https://git.kernel.org/stable/c/b125d0cf1adde7b2b47d7337fed7e9133eea3463
- https://git.kernel.org/stable/c/cadae3a45d23aa4f6485938a67cbc47aaaa25e38
- https://git.kernel.org/stable/c/f6ec133668757f84e5143f1eb141fd0b83778b9e
- https://git.kernel.org/stable/c/fa5b5ea257135e771b489c83a2e93b5935d0108e
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.120