CVE-2024-26761
Description
In the Linux kernel, the following vulnerability has been resolved:cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS windowThe Linux CXL subsystem is built on the assumption that HPA == SPA.That is, the host physical address (HPA) the HDM decoder registers areprogrammed with are system physical addresses (SPA).During HDM decoder setup, the DVSEC CXL range registers (cxl-3.1,8.1.3.8) are checked if the memory is enabled and the CXL range is ina HPA window that is described in a CFMWS structure of the CXL hostbridge (cxl-3.1, 9.18.1.3).Now, if the HPA is not an SPA, the CXL range does not match a CFMWSwindow and the CXL memory range will be disabled then. The HDM decoderstops working which causes system memory being disabled and further asystem hang during HDM decoder initialization, typically when a CXLenabled kernel boots.Prevent a system hang and do not disable the HDM decoder if thedecoders CXL range is not found in a CFMWS window.Note the change only fixes a hardware hang, but does not implementHPA/SPA translation. Support for this can be added in a follow onpatch series.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.018
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-syms-azure-6.4.0-150600.8.5.1.x86_64.rpm | Linux |
| SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-source-azure-6.4.0-150600.8.5.4.noarch.rpm | Linux |
| SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-devel-azure-6.4.0-150600.8.5.4.noarch.rpm | Linux |
| SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-azure-devel-debuginfo-6.4.0-150600.8.5.4.x86_64.rpm | Linux |
| SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-azure-devel-6.4.0-150600.8.5.4.x86_64.rpm | Linux |
| SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-azure-debugsource-6.4.0-150600.8.5.4.x86_64.rpm | Linux |
| SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-azure-debuginfo-6.4.0-150600.8.5.4.x86_64.rpm | Linux |
| SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-azure-6.4.0-150600.8.5.4.x86_64.rpm | Linux |
| SUSE-SU-2024:2203-1(Legacy Module 15-SP6 ) reiserfs-kmp-default-debuginfo-6.4.0-150600.23.7.3.x86_64.rpm | Linux |
| SUSE-SU-2024:2203-1(Legacy Module 15-SP6 ) reiserfs-kmp-default-6.4.0-150600.23.7.3.x86_64.rpm | Linux |
| SUSE-SU-2024:2203-1(Development Tools Module 15-SP6 ) kernel-syms-6.4.0-150600.23.7.1.x86_64.rpm | Linux |
| SUSE-SU-2024:2203-1(Development Tools Module 15-SP6 ) kernel-source-6.4.0-150600.23.7.2.noarch.rpm | Linux |
| SUSE-SU-2024:2203-1(Development Tools Module 15-SP6 ) kernel-obs-build-debugsource-6.4.0-150600.23.7.3.x86_64.rpm | Linux |
| SUSE-SU-2024:2203-1(Development Tools Module 15-SP6 ) kernel-obs-build-6.4.0-150600.23.7.3.x86_64.rpm | Linux |
| SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-macros-6.4.0-150600.23.7.2.noarch.rpm | Linux |
| SUSE-SU-2024:2203-1(Development Tools Module 15-SP6 ) kernel-docs-6.4.0-150600.23.7.4.noarch.rpm | Linux |
| SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-devel-6.4.0-150600.23.7.2.noarch.rpm | Linux |
| SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-default-devel-debuginfo-6.4.0-150600.23.7.3.x86_64.rpm | Linux |
| SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-default-devel-6.4.0-150600.23.7.3.x86_64.rpm | Linux |
| SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-default-debugsource-6.4.0-150600.23.7.3.x86_64.rpm | Linux |
| SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-default-debuginfo-6.4.0-150600.23.7.3.x86_64.rpm | Linux |
| SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-default-base-6.4.0-150600.23.7.3.150600.12.2.7.x86_64.rpm | Linux |
| SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-default-6.4.0-150600.23.7.3.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update rv-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update rtla-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update python3-perf-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update perf-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-uki-virt-addons-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-uki-virt-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-tools-libs-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-tools-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-modules-extra-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-modules-core-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-modules-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-headers-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-doc-5.14.0-503.11.1.el9_5.noarch.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-devel-matched-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-devel-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-uki-virt-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-modules-extra-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-modules-core-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-modules-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-devel-matched-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-devel-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-core-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-core-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-abi-stablelists-5.14.0-503.11.1.el9_5.noarch.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update bpftool-7.4.0-503.11.1.el9_5.x86_64.rpm | Linux |
| SUSE-SU-2024:3984-1(Public Cloud Module 15-SP6) kernel-azure-6.4.0-150600.8.17.2.x86_64.rpm | Linux |
| SUSE-SU-2024:3984-1(Public Cloud Module 15-SP6) kernel-azure-debuginfo-6.4.0-150600.8.17.2.x86_64.rpm | Linux |
| SUSE-SU-2024:3984-1(Public Cloud Module 15-SP6) kernel-azure-debugsource-6.4.0-150600.8.17.2.x86_64.rpm | Linux |
| SUSE-SU-2024:3984-1(Public Cloud Module 15-SP6) kernel-azure-devel-6.4.0-150600.8.17.2.x86_64.rpm | Linux |
| SUSE-SU-2024:3984-1(Public Cloud Module 15-SP6) kernel-azure-devel-debuginfo-6.4.0-150600.8.17.2.x86_64.rpm | Linux |
| SUSE-SU-2024:3984-1(Public Cloud Module 15-SP6) kernel-devel-azure-6.4.0-150600.8.17.1.noarch.rpm | Linux |
| SUSE-SU-2024:3984-1(Public Cloud Module 15-SP6) kernel-source-azure-6.4.0-150600.8.17.1.noarch.rpm | Linux |
| SUSE-SU-2024:3984-1(Public Cloud Module 15-SP6) kernel-syms-azure-6.4.0-150600.8.17.1.x86_64.rpm | Linux |
| SUSE-SU-2024:4318-1(Basesystem Module 15-SP6) kernel-default-6.4.0-150600.23.30.1.x86_64.rpm | Linux |
| SUSE-SU-2024:4318-1(Basesystem Module 15-SP6) kernel-default-base-6.4.0-150600.23.30.1.150600.12.12.6.x86_64.rpm | Linux |
| SUSE-SU-2024:4318-1(Basesystem Module 15-SP6) kernel-default-debuginfo-6.4.0-150600.23.30.1.x86_64.rpm | Linux |
| SUSE-SU-2024:4318-1(Basesystem Module 15-SP6) kernel-default-debugsource-6.4.0-150600.23.30.1.x86_64.rpm | Linux |
| SUSE-SU-2024:4318-1(Basesystem Module 15-SP6) kernel-default-devel-6.4.0-150600.23.30.1.x86_64.rpm | Linux |
| SUSE-SU-2024:4318-1(Basesystem Module 15-SP6) kernel-default-devel-debuginfo-6.4.0-150600.23.30.1.x86_64.rpm | Linux |
| SUSE-SU-2024:4318-1(Basesystem Module 15-SP6) kernel-devel-6.4.0-150600.23.30.1.noarch.rpm | Linux |
| SUSE-SU-2024:4318-1(Development Tools Module 15-SP6) kernel-docs-6.4.0-150600.23.30.1.noarch.rpm | Linux |
| SUSE-SU-2024:4318-1(Legacy Module 15-SP6) reiserfs-kmp-default-debuginfo-6.4.0-150600.23.30.1.x86_64.rpm | Linux |
| SUSE-SU-2024:4318-1(Basesystem Module 15-SP6) kernel-macros-6.4.0-150600.23.30.1.noarch.rpm | Linux |
| SUSE-SU-2024:4318-1(Development Tools Module 15-SP6) kernel-obs-build-6.4.0-150600.23.30.1.x86_64.rpm | Linux |
| SUSE-SU-2024:4318-1(Development Tools Module 15-SP6) kernel-obs-build-debugsource-6.4.0-150600.23.30.1.x86_64.rpm | Linux |
| SUSE-SU-2024:4318-1(Development Tools Module 15-SP6) kernel-source-6.4.0-150600.23.30.1.noarch.rpm | Linux |
| SUSE-SU-2024:4318-1(Development Tools Module 15-SP6) kernel-syms-6.4.0-150600.23.30.1.x86_64.rpm | Linux |
| SUSE-SU-2024:4318-1(Legacy Module 15-SP6) reiserfs-kmp-default-6.4.0-150600.23.30.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234