{ "containers": { "cna": { "providerMetadata": { "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry\n\nIn a review discussion of the changes to support vCPU hotplug where\na check was added on the GICC being enabled if was online, it was\nnoted that there is need to map back to the cpu and use that to index\ninto a cpumask. As such, a valid ID is needed.\n\nIf an MPIDR check fails in acpi_map_gic_cpu_interface() it is possible\nfor the entry in cpu_madt_gicc[cpu] == NULL. This function would\nthen cause a NULL pointer dereference. Whilst a path to trigger\nthis has not been established, harden this caller against the\npossibility." } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "arch/arm64/include/asm/acpi.h" ], "versions": [ { "version": "1da177e4c3f4", "lessThan": "f57769ff6fa7", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "4c3b21204abb", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "945be49f4e83", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "40cae0df42e5", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "62ca6d3a905b", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "bc7fbb37e3d2", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "2488444274c7", "status": "affected", "versionType": "git" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "arch/arm64/include/asm/acpi.h" ], "versions": [ { "version": "5.4.284", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.10.226", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.15.167", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.1.110", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.6.51", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.10.10", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.11", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/f57769ff6fa7f97f1296965f20e8a2bb3ee9fd0f" }, { "url": "https://git.kernel.org/stable/c/4c3b21204abb4fa3ab310fbbb5cf7f0e85f3a1bc" }, { "url": "https://git.kernel.org/stable/c/945be49f4e832a9184c313fdf8917475438a795b" }, { "url": "https://git.kernel.org/stable/c/40cae0df42e5e7f7a1c0f32deed9c4027c1ba94e" }, { "url": "https://git.kernel.org/stable/c/62ca6d3a905b4c40cd942f3cc645a6718f8bc7e7" }, { "url": "https://git.kernel.org/stable/c/bc7fbb37e3d2df59336eadbd6a56be632e3c7df7" }, { "url": "https://git.kernel.org/stable/c/2488444274c70038eb6b686cba5f1ce48ebb9cdd" } ], "title": "arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry", "x_generator": { "engine": "bippy-c9c4e1df01b2" } } }, "cveMetadata": { "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", "cveID": "CVE-2024-46822", "requesterUserId": "gregkh@kernel.org", "serial": "1", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.0" }