cve-2024-46848
Vulnerability from cvelistv5
Published
2024-09-27 12:39
Modified
2024-11-05 09:47
Severity ?
Summary
perf/x86/intel: Limit the period on Haswell
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/0eaf812aa1506704f3b78be87036860e5d0fe81dPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/15210b7c8caff4929f25d049ef8404557f8ae468Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/25dfc9e357af8aed1ca79b318a73f2c59c1f0b2bPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/8717dc35c0e5896f4110f4b3882f7ff787a5f73dPatch
Impacted products
Vendor Product Version
Linux Linux Version: 3.11
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-46848",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-29T13:58:48.899294Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-29T13:58:53.669Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/events/intel/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "15210b7c8caf",
              "status": "affected",
              "version": "3a632cb229bf",
              "versionType": "git"
            },
            {
              "lessThan": "0eaf812aa150",
              "status": "affected",
              "version": "3a632cb229bf",
              "versionType": "git"
            },
            {
              "lessThan": "8717dc35c0e5",
              "status": "affected",
              "version": "3a632cb229bf",
              "versionType": "git"
            },
            {
              "lessThan": "25dfc9e357af",
              "status": "affected",
              "version": "3a632cb229bf",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/events/intel/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.11"
            },
            {
              "lessThan": "3.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.110",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.51",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.10.*",
              "status": "unaffected",
              "version": "6.10.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.11",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel: Limit the period on Haswell\n\nRunning the ltp test cve-2015-3290 concurrently reports the following\nwarnings.\n\nperfevents: irq loop stuck!\n  WARNING: CPU: 31 PID: 32438 at arch/x86/events/intel/core.c:3174\n  intel_pmu_handle_irq+0x285/0x370\n  Call Trace:\n   \u003cNMI\u003e\n   ? __warn+0xa4/0x220\n   ? intel_pmu_handle_irq+0x285/0x370\n   ? __report_bug+0x123/0x130\n   ? intel_pmu_handle_irq+0x285/0x370\n   ? __report_bug+0x123/0x130\n   ? intel_pmu_handle_irq+0x285/0x370\n   ? report_bug+0x3e/0xa0\n   ? handle_bug+0x3c/0x70\n   ? exc_invalid_op+0x18/0x50\n   ? asm_exc_invalid_op+0x1a/0x20\n   ? irq_work_claim+0x1e/0x40\n   ? intel_pmu_handle_irq+0x285/0x370\n   perf_event_nmi_handler+0x3d/0x60\n   nmi_handle+0x104/0x330\n\nThanks to Thomas Gleixner\u0027s analysis, the issue is caused by the low\ninitial period (1) of the frequency estimation algorithm, which triggers\nthe defects of the HW, specifically erratum HSW11 and HSW143. (For the\ndetails, please refer https://lore.kernel.org/lkml/87plq9l5d2.ffs@tglx/)\n\nThe HSW11 requires a period larger than 100 for the INST_RETIRED.ALL\nevent, but the initial period in the freq mode is 1. The erratum is the\nsame as the BDM11, which has been supported in the kernel. A minimum\nperiod of 128 is enforced as well on HSW.\n\nHSW143 is regarding that the fixed counter 1 may overcount 32 with the\nHyper-Threading is enabled. However, based on the test, the hardware\nhas more issues than it tells. Besides the fixed counter 1, the message\n\u0027interrupt took too long\u0027 can be observed on any counter which was armed\nwith a period \u003c 32 and two events expired in the same NMI. A minimum\nperiod of 32 is enforced for the rest of the events.\nThe recommended workaround code of the HSW143 is not implemented.\nBecause it only addresses the issue for the fixed counter. It brings\nextra overhead through extra MSR writing. No related overcounting issue\nhas been reported so far."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:47:46.823Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/15210b7c8caff4929f25d049ef8404557f8ae468"
        },
        {
          "url": "https://git.kernel.org/stable/c/0eaf812aa1506704f3b78be87036860e5d0fe81d"
        },
        {
          "url": "https://git.kernel.org/stable/c/8717dc35c0e5896f4110f4b3882f7ff787a5f73d"
        },
        {
          "url": "https://git.kernel.org/stable/c/25dfc9e357af8aed1ca79b318a73f2c59c1f0b2b"
        }
      ],
      "title": "perf/x86/intel: Limit the period on Haswell",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-46848",
    "datePublished": "2024-09-27T12:39:40.191Z",
    "dateReserved": "2024-09-11T15:12:18.290Z",
    "dateUpdated": "2024-11-05T09:47:46.823Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-46848\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-09-27T13:15:16.657\",\"lastModified\":\"2024-10-04T15:23:35.287\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nperf/x86/intel: Limit the period on Haswell\\n\\nRunning the ltp test cve-2015-3290 concurrently reports the following\\nwarnings.\\n\\nperfevents: irq loop stuck!\\n  WARNING: CPU: 31 PID: 32438 at arch/x86/events/intel/core.c:3174\\n  intel_pmu_handle_irq+0x285/0x370\\n  Call Trace:\\n   \u003cNMI\u003e\\n   ? __warn+0xa4/0x220\\n   ? intel_pmu_handle_irq+0x285/0x370\\n   ? __report_bug+0x123/0x130\\n   ? intel_pmu_handle_irq+0x285/0x370\\n   ? __report_bug+0x123/0x130\\n   ? intel_pmu_handle_irq+0x285/0x370\\n   ? report_bug+0x3e/0xa0\\n   ? handle_bug+0x3c/0x70\\n   ? exc_invalid_op+0x18/0x50\\n   ? asm_exc_invalid_op+0x1a/0x20\\n   ? irq_work_claim+0x1e/0x40\\n   ? intel_pmu_handle_irq+0x285/0x370\\n   perf_event_nmi_handler+0x3d/0x60\\n   nmi_handle+0x104/0x330\\n\\nThanks to Thomas Gleixner\u0027s analysis, the issue is caused by the low\\ninitial period (1) of the frequency estimation algorithm, which triggers\\nthe defects of the HW, specifically erratum HSW11 and HSW143. (For the\\ndetails, please refer https://lore.kernel.org/lkml/87plq9l5d2.ffs@tglx/)\\n\\nThe HSW11 requires a period larger than 100 for the INST_RETIRED.ALL\\nevent, but the initial period in the freq mode is 1. The erratum is the\\nsame as the BDM11, which has been supported in the kernel. A minimum\\nperiod of 128 is enforced as well on HSW.\\n\\nHSW143 is regarding that the fixed counter 1 may overcount 32 with the\\nHyper-Threading is enabled. However, based on the test, the hardware\\nhas more issues than it tells. Besides the fixed counter 1, the message\\n\u0027interrupt took too long\u0027 can be observed on any counter which was armed\\nwith a period \u003c 32 and two events expired in the same NMI. A minimum\\nperiod of 32 is enforced for the rest of the events.\\nThe recommended workaround code of the HSW143 is not implemented.\\nBecause it only addresses the issue for the fixed counter. It brings\\nextra overhead through extra MSR writing. No related overcounting issue\\nhas been reported so far.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: perf/x86/intel: Limitar el per\u00edodo en Haswell La ejecuci\u00f3n de la prueba ltp cve-2015-3290 al mismo tiempo informa las siguientes advertencias. perfevents: \u00a1bucle irq atascado! ADVERTENCIA: CPU: 31 PID: 32438 en arch/x86/events/intel/core.c:3174 intel_pmu_handle_irq+0x285/0x370 Rastreo de llamadas:  ? __warn+0xa4/0x220 ? intel_pmu_handle_irq+0x285/0x370 ? __report_bug+0x123/0x130 ? intel_pmu_handle_irq+0x285/0x370 ? __report_bug+0x123/0x130 ? intel_pmu_handle_irq+0x285/0x370 ? report_bug+0x3e/0xa0 ? handle_bug+0x3c/0x70 ? exc_invalid_op+0x18/0x50 ? asm_exc_invalid_op+0x1a/0x20 ? irq_work_claim+0x1e/0x40 ? intel_pmu_handle_irq+0x285/0x370 perf_event_nmi_handler+0x3d/0x60 nmi_handle+0x104/0x330 Gracias al an\u00e1lisis de Thomas Gleixner, el problema es causado por el bajo per\u00edodo inicial (1) del algoritmo de estimaci\u00f3n de frecuencia, que desencadena los defectos del HW, espec\u00edficamente las erratas HSW11 y HSW143. (Para conocer los detalles, consulte https://lore.kernel.org/lkml/87plq9l5d2.ffs@tglx/) El HSW11 requiere un per\u00edodo mayor a 100 para el evento INST_RETIRED.ALL, pero el per\u00edodo inicial en el modo freq es 1. La errata es la misma que la del BDM11, que ha sido compatible con el kernel. Tambi\u00e9n se aplica un per\u00edodo m\u00ednimo de 128 en HSW. HSW143 se refiere a que el contador fijo 1 puede sobrecontar 32 con Hyper-Threading habilitado. Sin embargo, seg\u00fan la prueba, el hardware tiene m\u00e1s problemas de los que indica. Adem\u00e1s del contador fijo 1, se puede observar el mensaje \\\"la interrupci\u00f3n tard\u00f3 demasiado\\\" en cualquier contador que se haya armado con un per\u00edodo \u0026lt;32 y dos eventos hayan expirado en el mismo NMI. Se aplica un per\u00edodo m\u00ednimo de 32 para el resto de los eventos. El c\u00f3digo de workaround recomendado del HSW143 no est\u00e1 implementado. Porque solo soluciona el problema del contador fijo. Implica una sobrecarga adicional a trav\u00e9s de la escritura adicional del MSR. Hasta el momento, no se ha informado de ning\u00fan problema de conteo excesivo relacionado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.11\",\"versionEndExcluding\":\"6.1.110\",\"matchCriteriaId\":\"FC454BA0-BEF2-4869-B2C2-572AE19D0FE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.51\",\"matchCriteriaId\":\"E4529134-BAC4-4776-840B-304009E181A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.10.10\",\"matchCriteriaId\":\"ACDEE48C-137A-4731-90D0-A675865E1BED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B3CE743-2126-47A3-8B7C-822B502CF119\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DEB27E7-30AA-45CC-8934-B89263EF3551\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0005AEF-856E-47EB-BFE4-90C46899394D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"39889A68-6D34-47A6-82FC-CD0BF23D6754\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8383ABF-1457-401F-9B61-EE50F4C61F4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"B77A9280-37E6-49AD-B559-5B23A3B1DC3D\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0eaf812aa1506704f3b78be87036860e5d0fe81d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/15210b7c8caff4929f25d049ef8404557f8ae468\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/25dfc9e357af8aed1ca79b318a73f2c59c1f0b2b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8717dc35c0e5896f4110f4b3882f7ff787a5f73d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.