CVE-2024-36926 Information
Description
In the Linux kernel the following vulnerability has been resolved:
powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE
At the time of LPAR boot up partition firmware provides Open Firmware property ibmdma-window for the PE. This property is provided on the PCI bus the PE is attached to.
There are execptions where the partition firmware might not provide this property for the PE at the time of LPAR boot up. One of the scenario is where the firmware has frozen the PE due to some error condition. This PE is frozen for 24 hours or unless the whole system is reinitialized.
Within this time frame if the LPAR is booted the frozen PE will be presented to the LPAR but ibmdma-window property could be missing.
Today under these circumstances the LPAR oopses with NULL pointer dereference when configuring the PCI bus the PE is attached to.
BUG: Kernel NULL pointer dereference on read at 0x000000c8
Faulting instruction address: 0xc0000000001024c0
Oops: Kernel access of bad area sig: 7 [1]
LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA pSeries
Modules linked in:
Supported: Yes
CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.4.0-150600.9-default 1
Hardware name: IBM9043-MRX POWER10 (raw) 0x800200 0xf000006 of:IBMFW1060.00 (NM1060_023) hv:phyp pSeries
NIP: c0000000001024c0 LR: c0000000001024b0 CTR: c000000000102450
REGS: c0000000037db5c0 TRAP: 0300 Not tainted (6.4.0-150600.9-default)
MSR: 8000000002009033
Reference
https://git.kernel.org/stable/c/7fb5793c53f8c024e3eae9f0d44eb659aed833c4 https://git.kernel.org/stable/c/802b13b79ab1fef66c6852fc745cf197dca0cb15 https://git.kernel.org/stable/c/2bed905a72485a2b79a001bd7e66c750942d2155 https://git.kernel.org/stable/c/49a940dbdc3107fecd5e6d3063dc07128177e058
Share on: