CVE-2024-46848

Summary

CVE-2024-46848 is a vulnerability affecting the Linux kernel on Intel Haswell processors. The issue stems from the initial period being set too low (1) for the frequency estimation algorithm, causing defects such as HSW11 and HSW143. These errata require a period larger than 100 and 32, respectively, to prevent overcounting and other issues. However, the recommended workaround for HSW143, which involves additional MSR writing, has not been implemented as it only addresses the fixed counter and introduces extra overhead. The vulnerability was identified by Thomas Gleixner and can lead to warnings like "perfevents: irq loop stuck!" and "intel_pmu_handle_irq+0x285/0x370" during the execution of concurrent tests.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.