vulnerability

Ubuntu: (Multiple Advisories) (CVE-2024-58090): Linux kernel vulnerabilities

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Mar 27, 2025
Added
May 20, 2025
Modified
Jun 3, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

sched/core: Prevent rescheduling when interrupts are disabled

David reported a warning observed while loop testing kexec jump:

Interrupts enabled after irqrouter_resume+0x0/0x50
WARNING: CPU: 0 PID: 560 at drivers/base/syscore.c:103 syscore_resume+0x18a/0x220
kernel_kexec+0xf6/0x180
__do_sys_reboot+0x206/0x250
do_syscall_64+0x95/0x180

The corresponding interrupt flag trace:

hardirqs last enabled at (15573): [] __up_console_sem+0x7e/0x90
hardirqs last disabled at (15580): [] __up_console_sem+0x63/0x90

That means __up_console_sem() was invoked with interrupts enabled. Further
instrumentation revealed that in the interrupt disabled section of kexec
jump one of the syscore_suspend() callbacks woke up a task, which set the
NEED_RESCHED flag. A later callback in the resume path invoked
cond_resched() which in turn led to the invocation of the scheduler:

__cond_resched+0x21/0x60
down_timeout+0x18/0x60
acpi_os_wait_semaphore+0x4c/0x80
acpi_ut_acquire_mutex+0x3d/0x100
acpi_ns_get_node+0x27/0x60
acpi_ns_evaluate+0x1cb/0x2d0
acpi_rs_set_srs_method_data+0x156/0x190
acpi_pci_link_set+0x11c/0x290
irqrouter_resume+0x54/0x60
syscore_resume+0x6a/0x200
kernel_kexec+0x145/0x1c0
__do_sys_reboot+0xeb/0x240
do_syscall_64+0x95/0x180

This is a long standing problem, which probably got more visible with
the recent printk changes. Something does a task wakeup and the
scheduler sets the NEED_RESCHED flag. cond_resched() sees it set and
invokes schedule() from a completely bogus context. The scheduler
enables interrupts after context switching, which causes the above
warning at the end.

Quite some of the code paths in syscore_suspend()/resume() can result in
triggering a wakeup with the exactly same consequences. They might not
have done so yet, but as they share a lot of code with normal operations
it's just a question of time.

The problem only affects the PREEMPT_NONE and PREEMPT_VOLUNTARY scheduling
models. Full preemption is not affected as cond_resched() is disabled and
the preemption check preemptible() takes the interrupt disabled flag into
account.

Cure the problem by adding a corresponding check into cond_resched().

Solution(s)

ubuntu-upgrade-linux-image-5-15-0-1026-nvidia-tegra-igxubuntu-upgrade-linux-image-5-15-0-1026-nvidia-tegra-igx-rtubuntu-upgrade-linux-image-5-15-0-1037-nvidia-tegraubuntu-upgrade-linux-image-5-15-0-1037-nvidia-tegra-rtubuntu-upgrade-linux-image-5-15-0-1066-gkeopubuntu-upgrade-linux-image-5-15-0-1076-ibmubuntu-upgrade-linux-image-5-15-0-1077-intel-iot-realtimeubuntu-upgrade-linux-image-5-15-0-1078-nvidiaubuntu-upgrade-linux-image-5-15-0-1078-nvidia-lowlatencyubuntu-upgrade-linux-image-5-15-0-1078-raspiubuntu-upgrade-linux-image-5-15-0-1079-intel-iotgubuntu-upgrade-linux-image-5-15-0-1080-kvmubuntu-upgrade-linux-image-5-15-0-1081-gkeubuntu-upgrade-linux-image-5-15-0-1081-oracleubuntu-upgrade-linux-image-5-15-0-1083-gcpubuntu-upgrade-linux-image-5-15-0-1083-gcp-fipsubuntu-upgrade-linux-image-5-15-0-1084-awsubuntu-upgrade-linux-image-5-15-0-1084-aws-fipsubuntu-upgrade-linux-image-5-15-0-1084-realtimeubuntu-upgrade-linux-image-5-15-0-1089-azureubuntu-upgrade-linux-image-5-15-0-1089-azure-fipsubuntu-upgrade-linux-image-5-15-0-140-fipsubuntu-upgrade-linux-image-5-15-0-140-genericubuntu-upgrade-linux-image-5-15-0-140-generic-64kubuntu-upgrade-linux-image-5-15-0-140-generic-lpaeubuntu-upgrade-linux-image-5-15-0-140-lowlatencyubuntu-upgrade-linux-image-5-15-0-140-lowlatency-64kubuntu-upgrade-linux-image-5-4-0-1064-xilinx-zynqmpubuntu-upgrade-linux-image-5-4-0-1092-ibmubuntu-upgrade-linux-image-5-4-0-1105-bluefieldubuntu-upgrade-linux-image-5-4-0-1120-fipsubuntu-upgrade-linux-image-5-4-0-1129-raspiubuntu-upgrade-linux-image-5-4-0-1133-kvmubuntu-upgrade-linux-image-5-4-0-1144-oracleubuntu-upgrade-linux-image-5-4-0-1146-awsubuntu-upgrade-linux-image-5-4-0-1146-aws-fipsubuntu-upgrade-linux-image-5-4-0-1149-gcpubuntu-upgrade-linux-image-5-4-0-1149-gcp-fipsubuntu-upgrade-linux-image-5-4-0-1151-azureubuntu-upgrade-linux-image-5-4-0-1151-azure-fipsubuntu-upgrade-linux-image-5-4-0-216-genericubuntu-upgrade-linux-image-5-4-0-216-generic-lpaeubuntu-upgrade-linux-image-5-4-0-216-lowlatencyubuntu-upgrade-linux-image-6-11-0-1010-realtimeubuntu-upgrade-linux-image-6-11-0-1013-raspiubuntu-upgrade-linux-image-6-11-0-1014-awsubuntu-upgrade-linux-image-6-11-0-1014-lowlatencyubuntu-upgrade-linux-image-6-11-0-1014-lowlatency-64kubuntu-upgrade-linux-image-6-11-0-1015-azureubuntu-upgrade-linux-image-6-11-0-1015-azure-fdeubuntu-upgrade-linux-image-6-11-0-1015-gcpubuntu-upgrade-linux-image-6-11-0-1015-gcp-64kubuntu-upgrade-linux-image-6-11-0-1016-oracleubuntu-upgrade-linux-image-6-11-0-1016-oracle-64kubuntu-upgrade-linux-image-6-11-0-1022-oemubuntu-upgrade-linux-image-6-11-0-26-genericubuntu-upgrade-linux-image-6-11-0-26-generic-64kubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-aws-fipsubuntu-upgrade-linux-image-aws-lts-20-04ubuntu-upgrade-linux-image-aws-lts-22-04ubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-cvmubuntu-upgrade-linux-image-azure-fdeubuntu-upgrade-linux-image-azure-fipsubuntu-upgrade-linux-image-azure-lts-20-04ubuntu-upgrade-linux-image-azure-lts-22-04ubuntu-upgrade-linux-image-bluefieldubuntu-upgrade-linux-image-fipsubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-64kubuntu-upgrade-linux-image-gcp-fipsubuntu-upgrade-linux-image-gcp-lts-20-04ubuntu-upgrade-linux-image-gcp-lts-22-04ubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-hwe-24-04ubuntu-upgrade-linux-image-generic-hwe-18-04ubuntu-upgrade-linux-image-generic-hwe-24-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-gke-5-15ubuntu-upgrade-linux-image-gkeopubuntu-upgrade-linux-image-gkeop-5-15ubuntu-upgrade-linux-image-ibmubuntu-upgrade-linux-image-ibm-lts-20-04ubuntu-upgrade-linux-image-intelubuntu-upgrade-linux-image-intel-iot-realtimeubuntu-upgrade-linux-image-intel-iotgubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-64kubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04ubuntu-upgrade-linux-image-lowlatency-64k-hwe-24-04ubuntu-upgrade-linux-image-lowlatency-hwe-18-04ubuntu-upgrade-linux-image-lowlatency-hwe-20-04ubuntu-upgrade-linux-image-lowlatency-hwe-24-04ubuntu-upgrade-linux-image-nvidiaubuntu-upgrade-linux-image-nvidia-lowlatencyubuntu-upgrade-linux-image-nvidia-tegraubuntu-upgrade-linux-image-nvidia-tegra-igxubuntu-upgrade-linux-image-nvidia-tegra-igx-rtubuntu-upgrade-linux-image-nvidia-tegra-rtubuntu-upgrade-linux-image-oemubuntu-upgrade-linux-image-oem-24-04bubuntu-upgrade-linux-image-oem-osp1ubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-64kubuntu-upgrade-linux-image-oracle-lts-20-04ubuntu-upgrade-linux-image-oracle-lts-22-04ubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-raspi-hwe-18-04ubuntu-upgrade-linux-image-raspi-nolpaeubuntu-upgrade-linux-image-raspi2ubuntu-upgrade-linux-image-realtimeubuntu-upgrade-linux-image-snapdragon-hwe-18-04ubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-18-04ubuntu-upgrade-linux-image-virtual-hwe-24-04ubuntu-upgrade-linux-image-xilinx-zynqmp

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today