CVE-2024-50138
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Nov 5, 2024
Updated: Nov 8, 2024
Summary
CVE-2024-50138 is a vulnerability affecting the Linux kernel that arises from the use of spinlock_t in the function __bpf_ringbuf_reserve. This function is invoked from a tracepoint, which disables preemption. The vulnerability can lead to a "sleep in atomic" warning in the RT variant, as demonstrated in the provided BUG report. This issue occurs due to the fact that disabling preemption in an atomic context is not allowed. To mitigate this issue, it is recommended to switch the spinlock to raw_spinlock_t to avoid the error.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share