CVE-2024-45029

In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: Do not mark ACPI devices as irq safe On ACPI machines, the tegra i2c module encounters an issue due to a mutex being called inside a spinlock. This leads to the following bug: BUG: sleeping function called from invalid context at kernel/locking/mutex.c:585 ... Call trace: __might_sleep __mutex_lock_common mutex_lock_nested acpi_subsys_runtime_resume rpm_resume tegra_i2c_xfer The problem arises because during __pm_runtime_resume(), the spinlock &dev->power.lock is acquired before rpm_resume() is called. Later, rpm_resume() invokes acpi_subsys_runtime_resume(), which relies on mutexes, triggering the error. To address this issue, devices on ACPI are now marked as not IRQ-safe, considering the dependency of acpi_subsys_runtime_resume() on mutexes.

The following products are affected by CVE-2024-45029 vulnerability.

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-45029.

URL	Resource
https://git.kernel.org/stable/c/14d069d92951a3e150c0a81f2ca3b93e54da913b
https://git.kernel.org/stable/c/2853e1376d8161b04c9ff18ba82b43f08a049905
https://git.kernel.org/stable/c/6861faf4232e4b78878f2de1ed3ee324ddae2287
https://git.kernel.org/stable/c/a89aef1e6cc43fa019a58080ed05c839e6c77876
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
https://lore.kernel.org/linux-cve-announce/2024091110-CVE-2024-45029-662e@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-45029
https://www.cve.org/CVERecord?id=CVE-2024-45029