Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: Do not mark ACPI devices as irq safe On ACPI machines, the tegra i2c module encounters an issue due to a mutex being called inside a spinlock. This leads to the following bug: BUG: sleeping function called from invalid context at kernel/locking/mutex.c:585 ... Call trace: __might_sleep __mutex_lock_common mutex_lock_nested acpi_subsys_runtime_resume rpm_resume tegra_i2c_xfer The problem arises because during __pm_runtime_resume(), the spinlock &dev->power.lock is acquired before rpm_resume() is called. Later, rpm_resume() invokes acpi_subsys_runtime_resume(), which relies on mutexes, triggering the error. To address this issue, devices on ACPI are now marked as not IRQ-safe, considering the dependency of acpi_subsys_runtime_resume() on mutexes.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.17, < 6.1.107 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/14d069d92951a3e150c0a81f2ca3b93e54da913bPatch
- https://git.kernel.org/stable/c/2853e1376d8161b04c9ff18ba82b43f08a049905Patch
- https://git.kernel.org/stable/c/6861faf4232e4b78878f2de1ed3ee324ddae2287Patch
- https://git.kernel.org/stable/c/a89aef1e6cc43fa019a58080ed05c839e6c77876Patch
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
FAQ
What is CVE-2024-45029?
CVE-2024-45029 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: Do not mark ACPI devices as irq safe On ACPI machines, the tegra i2c module encounters an issue due to a mutex being c...
How severe is CVE-2024-45029?
CVE-2024-45029 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-45029?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.