{
    "dataType": "CVE_RECORD",
    "dataVersion": "5.1",
    "cveMetadata": {
        "cveId": "CVE-2024-26854",
        "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "state": "PUBLISHED",
        "assignerShortName": "Linux",
        "dateReserved": "2024-02-19T14:20:24.183Z",
        "datePublished": "2024-04-17T10:17:17.216Z",
        "dateUpdated": "2024-08-02T00:14:13.651Z"
    },
    "containers": {
        "cna": {
            "providerMetadata": {
                "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
                "shortName": "Linux",
                "dateUpdated": "2024-05-29T05:23:55.893Z"
            },
            "descriptions": [
                {
                    "lang": "en",
                    "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix uninitialized dplls mutex usage\n\nThe pf->dplls.lock mutex is initialized too late, after its first use.\nMove it to the top of ice_dpll_init.\nNote that the \"err_exit\" error path destroys the mutex. And the mutex is\nthe last thing destroyed in ice_dpll_deinit.\nThis fixes the following warning with CONFIG_DEBUG_MUTEXES:\n\n ice 0000:10:00.0: The DDP package was successfully loaded: ICE OS Default Package version 1.3.36.0\n ice 0000:10:00.0: 252.048 Gb/s available PCIe bandwidth (16.0 GT/s PCIe x16 link)\n ice 0000:10:00.0: PTP init successful\n ------------[ cut here ]------------\n DEBUG_LOCKS_WARN_ON(lock->magic != lock)\n WARNING: CPU: 0 PID: 410 at kernel/locking/mutex.c:587 __mutex_lock+0x773/0xd40\n Modules linked in: crct10dif_pclmul crc32_pclmul crc32c_intel polyval_clmulni polyval_generic ice(+) nvme nvme_c>\n CPU: 0 PID: 410 Comm: kworker/0:4 Not tainted 6.8.0-rc5+ #3\n Hardware name: HPE ProLiant DL110 Gen10 Plus/ProLiant DL110 Gen10 Plus, BIOS U56 10/19/2023\n Workqueue: events work_for_cpu_fn\n RIP: 0010:__mutex_lock+0x773/0xd40\n Code: c0 0f 84 1d f9 ff ff 44 8b 35 0d 9c 69 01 45 85 f6 0f 85 0d f9 ff ff 48 c7 c6 12 a2 a9 85 48 c7 c7 12 f1 a>\n RSP: 0018:ff7eb1a3417a7ae0 EFLAGS: 00010286\n RAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000000000000\n RDX: 0000000000000002 RSI: ffffffff85ac2bff RDI: 00000000ffffffff\n RBP: ff7eb1a3417a7b80 R08: 0000000000000000 R09: 00000000ffffbfff\n R10: ff7eb1a3417a7978 R11: ff32b80f7fd2e568 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: ff32b7f02c50e0d8\n FS:  0000000000000000(0000) GS:ff32b80efe800000(0000) knlGS:0000000000000000\n CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055b5852cc000 CR3: 000000003c43a004 CR4: 0000000000771ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n  <TASK>\n  ? __warn+0x84/0x170\n  ? __mutex_lock+0x773/0xd40\n  ? report_bug+0x1c7/0x1d0\n  ? prb_read_valid+0x1b/0x30\n  ? handle_bug+0x42/0x70\n  ? exc_invalid_op+0x18/0x70\n  ? asm_exc_invalid_op+0x1a/0x20\n  ? __mutex_lock+0x773/0xd40\n  ? rcu_is_watching+0x11/0x50\n  ? __kmalloc_node_track_caller+0x346/0x490\n  ? ice_dpll_lock_status_get+0x28/0x50 [ice]\n  ? __pfx_ice_dpll_lock_status_get+0x10/0x10 [ice]\n  ? ice_dpll_lock_status_get+0x28/0x50 [ice]\n  ice_dpll_lock_status_get+0x28/0x50 [ice]\n  dpll_device_get_one+0x14f/0x2e0\n  dpll_device_event_send+0x7d/0x150\n  dpll_device_register+0x124/0x180\n  ice_dpll_init_dpll+0x7b/0xd0 [ice]\n  ice_dpll_init+0x224/0xa40 [ice]\n  ? _dev_info+0x70/0x90\n  ice_load+0x468/0x690 [ice]\n  ice_probe+0x75b/0xa10 [ice]\n  ? _raw_spin_unlock_irqrestore+0x4f/0x80\n  ? process_one_work+0x1a3/0x500\n  local_pci_probe+0x47/0xa0\n  work_for_cpu_fn+0x17/0x30\n  process_one_work+0x20d/0x500\n  worker_thread+0x1df/0x3e0\n  ? __pfx_worker_thread+0x10/0x10\n  kthread+0x103/0x140\n  ? __pfx_kthread+0x10/0x10\n  ret_from_fork+0x31/0x50\n  ? __pfx_kthread+0x10/0x10\n  ret_from_fork_asm+0x1b/0x30\n  </TASK>\n irq event stamp: 125197\n hardirqs last  enabled at (125197): [<ffffffff8416409d>] finish_task_switch.isra.0+0x12d/0x3d0\n hardirqs last disabled at (125196): [<ffffffff85134044>] __schedule+0xea4/0x19f0\n softirqs last  enabled at (105334): [<ffffffff84e1e65a>] napi_get_frags_check+0x1a/0x60\n softirqs last disabled at (105332): [<ffffffff84e1e65a>] napi_get_frags_check+0x1a/0x60\n ---[ end trace 0000000000000000 ]---"
                }
            ],
            "affected": [
                {
                    "product": "Linux",
                    "vendor": "Linux",
                    "defaultStatus": "unaffected",
                    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                    "programFiles": [
                        "drivers/net/ethernet/intel/ice/ice_dpll.c"
                    ],
                    "versions": [
                        {
                            "version": "d7999f5ea64b",
                            "lessThan": "db29ceff3e25",
                            "status": "affected",
                            "versionType": "git"
                        },
                        {
                            "version": "d7999f5ea64b",
                            "lessThan": "9224fc86f177",
                            "status": "affected",
                            "versionType": "git"
                        }
                    ]
                },
                {
                    "product": "Linux",
                    "vendor": "Linux",
                    "defaultStatus": "affected",
                    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                    "programFiles": [
                        "drivers/net/ethernet/intel/ice/ice_dpll.c"
                    ],
                    "versions": [
                        {
                            "version": "6.7",
                            "status": "affected"
                        },
                        {
                            "version": "0",
                            "lessThan": "6.7",
                            "status": "unaffected",
                            "versionType": "custom"
                        },
                        {
                            "version": "6.7.10",
                            "lessThanOrEqual": "6.7.*",
                            "status": "unaffected",
                            "versionType": "custom"
                        },
                        {
                            "version": "6.8",
                            "lessThanOrEqual": "*",
                            "status": "unaffected",
                            "versionType": "original_commit_for_fix"
                        }
                    ]
                }
            ],
            "references": [
                {
                    "url": "https://git.kernel.org/stable/c/db29ceff3e25c48907016da456a7cbee6310fd83"
                },
                {
                    "url": "https://git.kernel.org/stable/c/9224fc86f1776193650a33a275cac628952f80a9"
                }
            ],
            "title": "ice: fix uninitialized dplls mutex usage",
            "x_generator": {
                "engine": "bippy-a5840b7849dd"
            }
        },
        "adp": [
            {
                "title": "CISA ADP Vulnrichment",
                "metrics": [
                    {
                        "cvssV3_1": {
                            "scope": "UNCHANGED",
                            "version": "3.1",
                            "baseScore": 7.5,
                            "attackVector": "NETWORK",
                            "baseSeverity": "HIGH",
                            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                            "integrityImpact": "NONE",
                            "userInteraction": "NONE",
                            "attackComplexity": "LOW",
                            "availabilityImpact": "HIGH",
                            "privilegesRequired": "NONE",
                            "confidentialityImpact": "NONE"
                        }
                    },
                    {
                        "other": {
                            "type": "ssvc",
                            "content": {
                                "id": "CVE-2024-26854",
                                "role": "CISA Coordinator",
                                "options": [
                                    {
                                        "Exploitation": "none"
                                    },
                                    {
                                        "Automatable": "no"
                                    },
                                    {
                                        "Technical Impact": "partial"
                                    }
                                ],
                                "version": "2.0.3",
                                "timestamp": "2024-05-01T15:48:54.310895Z"
                            }
                        }
                    }
                ],
                "affected": [
                    {
                        "cpes": [
                            "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
                        ],
                        "vendor": "linux",
                        "product": "linux_kernel",
                        "versions": [
                            {
                                "status": "affected",
                                "version": "d7999f5ea64b"
                            }
                        ],
                        "defaultStatus": "unknown"
                    },
                    {
                        "cpes": [
                            "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
                        ],
                        "vendor": "linux",
                        "product": "linux_kernel",
                        "versions": [
                            {
                                "status": "affected",
                                "version": "6.7"
                            }
                        ],
                        "defaultStatus": "unknown"
                    },
                    {
                        "cpes": [
                            "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
                        ],
                        "vendor": "linux",
                        "product": "linux_kernel",
                        "versions": [
                            {
                                "status": "unknown",
                                "version": "0"
                            }
                        ],
                        "defaultStatus": "unknown"
                    },
                    {
                        "cpes": [
                            "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
                        ],
                        "vendor": "linux",
                        "product": "linux_kernel",
                        "versions": [
                            {
                                "status": "unknown",
                                "version": "6.710"
                            }
                        ],
                        "defaultStatus": "unknown"
                    },
                    {
                        "cpes": [
                            "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
                        ],
                        "vendor": "linux",
                        "product": "linux_kernel",
                        "versions": [
                            {
                                "status": "unknown",
                                "version": "6.8"
                            }
                        ],
                        "defaultStatus": "unknown"
                    }
                ],
                "problemTypes": [
                    {
                        "descriptions": [
                            {
                                "lang": "en",
                                "type": "CWE",
                                "cweId": "CWE-476",
                                "description": "CWE-476 NULL Pointer Dereference"
                            }
                        ]
                    }
                ],
                "providerMetadata": {
                    "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                    "shortName": "CISA-ADP",
                    "dateUpdated": "2024-06-04T17:48:49.716Z"
                }
            },
            {
                "providerMetadata": {
                    "orgId": "af854a3a-2127-422b-91ae-364da2661108",
                    "shortName": "CVE",
                    "dateUpdated": "2024-08-02T00:14:13.651Z"
                },
                "title": "CVE Program Container",
                "references": [
                    {
                        "url": "https://git.kernel.org/stable/c/db29ceff3e25c48907016da456a7cbee6310fd83",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://git.kernel.org/stable/c/9224fc86f1776193650a33a275cac628952f80a9",
                        "tags": [
                            "x_transferred"
                        ]
                    }
                ]
            }
        ]
    }
}