SB2024073170 - Improper locking in Linux kernel x86 kernel
Published: July 31, 2024 Updated: May 12, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2024-42096)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the profile_pc() function in arch/x86/kernel/time.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/65ebdde16e7f5da99dbf8a548fb635837d78384e
- https://git.kernel.org/stable/c/27c3be840911b15a3f24ed623f86153c825b6b29
- https://git.kernel.org/stable/c/49c09ca35a5f521d7fa18caf62fdf378f15e8aa4
- https://git.kernel.org/stable/c/2d07fea561d64357fb7b3f3751e653bf20306d77
- https://git.kernel.org/stable/c/161cef818545ecf980f0e2ebaf8ba7326ce53c2b
- https://git.kernel.org/stable/c/16222beb9f8e5ceb0beeb5cbe54bef16df501a92
- https://git.kernel.org/stable/c/a3b65c8cbc139bfce9541bc81c1bb766e5ba3f68
- https://git.kernel.org/stable/c/093d9603b60093a9aaae942db56107f6432a5dca
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.317
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.221
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.162
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.279
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.97
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.37