CVE-2024-26602

medium

Description

In the Linux kernel, the following vulnerability has been resolved: sched/membarrier: reduce the ability to hammer on sys_membarrier On some systems, sys_membarrier can be very expensive, causing overall slowdowns for everything. So put a lock on the path in order to serialize the accesses to prevent the ability for this to be called at too high of a frequency and saturate the machine.

References

https://www.securityweek.com/major-cpu-software-vendors-impacted-by-new-ghostrace-attack/

https://git.kernel.org/stable/c/db896bbe4a9c67cee377e5f6a743350d3ae4acf6

https://git.kernel.org/stable/c/c5b2063c65d05e79fad8029324581d86cfba7eea

https://git.kernel.org/stable/c/b6a2a9cbb67545c825ec95f06adb7ff300a2ad71

https://git.kernel.org/stable/c/944d5fe50f3f03daacfea16300e656a1691c4a23

https://git.kernel.org/stable/c/50fb4e17df319bb33be6f14e2a856950c1577dee

https://git.kernel.org/stable/c/3cd139875e9a7688b3fc715264032620812a5fa3

https://git.kernel.org/stable/c/24ec7504a08a67247fbe798d1de995208a8c128a

https://git.kernel.org/stable/c/2441a64070b85c14eecc3728cc87e883f953f265

Details

Source: Mitre, NVD

Published: 2024-02-26

Updated: 2024-11-05

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium