UBUNTU-CVE-2024-41932

Description

In the Linux kernel, the following vulnerability has been resolved: sched: fix warning in sched_setaffinity Commit 8f9ea86fdf99b added some logic to sched_setaffinity that included a WARN when a per-task affinity assignment races with a cpuset update. Specifically, we can have a race where a cpuset update results in the task affinity no longer being a subset of the cpuset. That's fine; we have a fallback to instead use the cpuset mask. However, we have a WARN set up that will trigger if the cpuset mask has no overlap at all with the requested task affinity. This shouldn't be a warning condition; its trivial to create this condition. Reproduced the warning by the following setup: - $PID inside a cpuset cgroup - another thread repeatedly switching the cpuset cpus from 1-2 to just 1 - another thread repeatedly setting the $PID affinity (via taskset) to 2

CVSS Metrics

• v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Systems

• ubuntu•linux

  < 6.8.0-58.60

• ubuntu•linux-allwinner-5.19

  all

• ubuntu•linux-aws

  < 6.8.0-1027.29

• ubuntu•linux-aws-5.0

  all

• ubuntu•linux-aws-5.11

  all

• ubuntu•linux-aws-5.13

  all

• ubuntu•linux-aws-5.19

  all

• ubuntu•linux-aws-5.3

  all

• ubuntu•linux-aws-5.8

  all

• ubuntu•linux-aws-6.2

  all

• ubuntu•linux-aws-6.5

  all

• ubuntu•linux-aws-6.8

  < 6.8.0-1027.29~22.04.1

• ubuntu•linux-azure

  all | < 6.8.0-1027.32

• ubuntu•linux-azure-5.11

  all

• ubuntu•linux-azure-5.13

  all

• ubuntu•linux-azure-5.19

  all

• ubuntu•linux-azure-5.3

  all

• ubuntu•linux-azure-5.8

  all

• ubuntu•linux-azure-6.11

  < 6.11.0-1012.12~24.04.1

• ubuntu•linux-azure-6.2

  all

• ubuntu•linux-azure-6.5

  all

• ubuntu•linux-azure-6.8

  < 6.8.0-1027.32~22.04.1

• ubuntu•linux-azure-edge

  all

• ubuntu•linux-azure-fde

  all

• ubuntu•linux-azure-fde-5.19

  all

• ubuntu•linux-azure-fde-6.2

  all

• ubuntu•linux-azure-nvidia

  < 6.8.0-1014.15

• ubuntu•linux-fips

  < 6.8.0-78.78+fips1

• ubuntu•linux-gcp

  all | < 6.8.0-1028.30

• ubuntu•linux-gcp-5.11

  all

• ubuntu•linux-gcp-5.13

  all

• ubuntu•linux-gcp-5.19

  all

• ubuntu•linux-gcp-5.3

  all

• ubuntu•linux-gcp-5.8

  all

• ubuntu•linux-gcp-6.11

  < 6.11.0-1011.11~24.04.1

• ubuntu•linux-gcp-6.2

  all

• ubuntu•linux-gcp-6.5

  all

• ubuntu•linux-gcp-6.8

  < 6.8.0-1028.30~22.04.1

• ubuntu•linux-gke

  all | < 6.8.0-1023.27

• ubuntu•linux-gke-4.15

  all

• ubuntu•linux-gke-5.15

  all

• ubuntu•linux-gke-5.4

  all

• ubuntu•linux-gkeop

  all | < 6.8.0-1010.12

• ubuntu•linux-gkeop-5.15

  all

• ubuntu•linux-gkeop-5.4

  all

• ubuntu•linux-hwe

  all

• ubuntu•linux-hwe-5.11

  all

• ubuntu•linux-hwe-5.13

  all

• ubuntu•linux-hwe-5.19

  all

• ubuntu•linux-hwe-5.8

  all

Showing first 50 affected entries in server-rendered view.

References (19)

• https://ubuntu.com/security/CVE-2024-41932
• https://www.cve.org/CVERecord?id=CVE-2024-41932
• https://git.kernel.org/linus/70ee7947a29029736a1a06c73a48ff37674a851b
• https://git.kernel.org/stable/c/5c3fb75f538cfcb886f6dfeb497d99fc2f263ee6
• https://git.kernel.org/stable/c/70ee7947a29029736a1a06c73a48ff37674a851b
• https://ubuntu.com/security/notices/USN-7379-1
• https://ubuntu.com/security/notices/USN-7380-1
• https://ubuntu.com/security/notices/USN-7381-1
• https://ubuntu.com/security/notices/USN-7382-1
• https://ubuntu.com/security/notices/USN-7379-2
• https://ubuntu.com/security/notices/USN-7449-1
• https://ubuntu.com/security/notices/USN-7450-1
• https://ubuntu.com/security/notices/USN-7451-1
• https://ubuntu.com/security/notices/USN-7452-1
• https://ubuntu.com/security/notices/USN-7453-1
• https://ubuntu.com/security/notices/USN-7449-2
• https://ubuntu.com/security/notices/USN-7468-1
• https://ubuntu.com/security/notices/USN-7523-1
• https://ubuntu.com/security/notices/USN-7524-1