CVE-2024-50249
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Nov 9, 2024
Updated: Nov 14, 2024
Summary
CVE-2024-50249: A vulnerability has been identified in the Linux kernel's ACPI component. The issue involves a wait order problem between the 'rmw_lock' used by 'cpc_write()' and the raw_spinlock used by 'sugov_update_shared()'. This misorder resulted in an "Invalid wait context" error, leading to a potential security issue. The vulnerability has been resolved by making 'rmw_lock' a raw_spinlock to ensure proper wait-type order and disable interrupts on the CPU holding the lock.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Linux Kernel
Affected Vendors
- LINUX