CVE-2024-27003 — Improper Locking in Linux
Severity
5.5MEDIUMNVD
OSV6.8
EPSS
0.0%
top 96.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 1
Latest updateJul 26
Description
In the Linux kernel, the following vulnerability has been resolved:
clk: Get runtime PM before walking tree for clk_summary
Similar to the previous commit, we should make sure that all devices are
runtime resumed before printing the clk_summary through debugfs. Failure
to do so would result in a deadlock if the thread is resuming a device
to print clk state and that device is also runtime resuming in another
thread, e.g the screen is turning on and the display driver is starting
up. We remove …
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages9 packages
▶CVEListV5linux/linux1bb294a7981c737e2311a78e4086635ac0220ace — 83ada89e4a86e2b28ea2b5113c76d6dc7560a4d0+4
Patches
🔴Vulnerability Details
6OSV▶
linux, linux-azure, linux-gcp, linux-ibm, linux-intel, linux-lowlatency, linux-oem-6.8, linux-raspi vulnerabilities↗2024-07-11
GHSA▶
GHSA-vq68-hhvf-c7xp: In the Linux kernel, the following vulnerability has been resolved:
clk: Get runtime PM before walking tree for clk_summary
Similar to the previous↗2024-05-01