CVE-2024-44958

MEDIUM EPSS 11.6%
Published Sep 4, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Sep 4, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: sched/smt: Fix unbalance sched_smt_present dec/inc I got the following warn report while doing stress test: jump label: negative count! WARNING: CPU: 3 PID: 38 at kernel/jump_label.c:263 static_key_slow_try_dec+0x9d/0xb0 Call Trace: <TASK> __static_key_slow_dec_cpuslocked+0x16/0x70 sched_cpu_deactivate+0x26e/0x2a0 cpuhp_invoke_callback+0x3ad/0x10d0 cpuhp_thread_fun+0x3f5/0x680 smpboot_thread_fn+0x56d/0x8d0 kthread+0x309/0x400 ret_from_fork+0x41/0x70 ret_from_fork_asm+0x1b/0x30 </TASK> Because when cpuset_cpu_inactive() fails in sched_cpu_deactivate(), the cpu offline failed, but sched_smt_present is decremented before calling sched_cpu_deactivate(), it leads to unbalanced dec/inc, so fix it by incrementing sched_smt_present in the error path.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
11.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥4.14.86  –  <4.15
linuxlinux_kernel*≥4.19.7  –  <4.20
linuxlinux_kernel*≥4.20  –  <5.15.165
linuxlinux_kernel*≥5.16  –  <6.1.105
linuxlinux_kernel*≥6.2  –  <6.6.46
linuxlinux_kernel*≥6.7  –  <6.10.5
linuxlinux_kernel6.11any

References 6

  • git.kernel.org https://git.kernel.org/stable/c/2a3548c7ef2e135aee40e7e5e44e7d11b893e7c4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2cf7665efe451e48d27953e6b5bc627d518c902b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/65727331b60197b742089855ac09464c22b96f66
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d0c87a3c6be10a57aa3463c32c3fc6b2a47c3dab
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e22f910a26cc2a3ac9c66b8e935ef2a7dd881117
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/2a3548c7ef2e135aee40e7e5e44e7d11b893e7c4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2cf7665efe451e48d27953e6b5bc627d518c902b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/65727331b60197b742089855ac09464c22b96f66
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d0c87a3c6be10a57aa3463c32c3fc6b2a47c3dab
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e22f910a26cc2a3ac9c66b8e935ef2a7dd881117
    Patch