Description

In the Linux kernel, the following vulnerability has been resolved: riscv: prevent pt_regs corruption for secondary idle threads Top of the kernel thread stack should be reserved for pt_regs. However this is not the case for the idle threads of the secondary boot harts. Their stacks overlap with their pt_regs, so both may get corrupted. Similar issue has been fixed for the primary hart, see c7cdd96eca28 ("riscv: prevent stack corruption by reserving task_pt_regs(p) early"). However that fix was not propagated to the secondary harts. The problem has been noticed in some CPU hotplug tests with V enabled. The function smp_callin stored several registers on stack, corrupting top of pt_regs structure including status field. As a result, kernel attempted to save or restore inexistent V context.

INFO

Published Date :

2024-06-24T13:52:25.399Z

Last Modified :

2025-05-04T09:16:03.741Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-38667 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-38667.

URL Resource
https://git.kernel.org/stable/c/0c1f28c32a194303da630fca89481334b9547b80 cve-icon cve-icon
https://git.kernel.org/stable/c/3090c06d50eaa91317f84bf3eac4c265e6cb8d44 cve-icon cve-icon
https://git.kernel.org/stable/c/a638b0461b58aa3205cd9d5f14d6f703d795b4af cve-icon cve-icon
https://git.kernel.org/stable/c/ea22d4195cca13d5fdbc4d6555a2dfb8a7867a9e cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024062431-CVE-2024-38667-83a6@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-38667 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-38667 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact