CVE-2024-57939 (GCVE-0-2024-57939)

Vulnerability from cvelistv5 – Published: 2025-01-21 12:18 – Updated: 2026-05-11 21:01
VLAI
Title
riscv: Fix sleeping in invalid context in die()
Summary
In the Linux kernel, the following vulnerability has been resolved: riscv: Fix sleeping in invalid context in die() die() can be called in exception handler, and therefore cannot sleep. However, die() takes spinlock_t which can sleep with PREEMPT_RT enabled. That causes the following warning: BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 285, name: mutex preempt_count: 110001, expected: 0 RCU nest depth: 0, expected: 0 CPU: 0 UID: 0 PID: 285 Comm: mutex Not tainted 6.12.0-rc7-00022-ge19049cf7d56-dirty #234 Hardware name: riscv-virtio,qemu (DT) Call Trace: dump_backtrace+0x1c/0x24 show_stack+0x2c/0x38 dump_stack_lvl+0x5a/0x72 dump_stack+0x14/0x1c __might_resched+0x130/0x13a rt_spin_lock+0x2a/0x5c die+0x24/0x112 do_trap_insn_illegal+0xa0/0xea _new_vmalloc_restore_context_a0+0xcc/0xd8 Oops - illegal instruction [#1] Switch to use raw_spinlock_t, which does not sleep even with PREEMPT_RT enabled.
Severity
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 76d2a0493a17d4c8ecc781366850c3c4f8e1a446 , < 8c38baa03ac8e18140faf36a3b955d30cad48e74 (git)
Affected: 76d2a0493a17d4c8ecc781366850c3c4f8e1a446 , < 10c24df2e303f517fab0359392c11b6b1d553f2b (git)
Affected: 76d2a0493a17d4c8ecc781366850c3c4f8e1a446 , < c21df31fc2a4afc02a6e56511364e9e793ea92ec (git)
Affected: 76d2a0493a17d4c8ecc781366850c3c4f8e1a446 , < f48f060a4b36b5e96628f6c3fb1540f1e8dedb69 (git)
Affected: 76d2a0493a17d4c8ecc781366850c3c4f8e1a446 , < 76ab0afcdbe8c9685b589016ee1c0e25fe596707 (git)
Affected: 76d2a0493a17d4c8ecc781366850c3c4f8e1a446 , < 6a97f4118ac07cfdc316433f385dbdc12af5025e (git)
Create a notification for this product.
Linux Linux Affected: 4.15
Unaffected: 0 , < 4.15 (semver)
Unaffected: 5.10.234 , ≤ 5.10.* (semver)
Unaffected: 5.15.177 , ≤ 5.15.* (semver)
Unaffected: 6.1.125 , ≤ 6.1.* (semver)
Unaffected: 6.6.72 , ≤ 6.6.* (semver)
Unaffected: 6.12.10 , ≤ 6.12.* (semver)
Unaffected: 6.13 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-57939",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-01T19:52:46.665901Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-01T19:57:13.873Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:56:06.960Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/riscv/kernel/traps.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8c38baa03ac8e18140faf36a3b955d30cad48e74",
              "status": "affected",
              "version": "76d2a0493a17d4c8ecc781366850c3c4f8e1a446",
              "versionType": "git"
            },
            {
              "lessThan": "10c24df2e303f517fab0359392c11b6b1d553f2b",
              "status": "affected",
              "version": "76d2a0493a17d4c8ecc781366850c3c4f8e1a446",
              "versionType": "git"
            },
            {
              "lessThan": "c21df31fc2a4afc02a6e56511364e9e793ea92ec",
              "status": "affected",
              "version": "76d2a0493a17d4c8ecc781366850c3c4f8e1a446",
              "versionType": "git"
            },
            {
              "lessThan": "f48f060a4b36b5e96628f6c3fb1540f1e8dedb69",
              "status": "affected",
              "version": "76d2a0493a17d4c8ecc781366850c3c4f8e1a446",
              "versionType": "git"
            },
            {
              "lessThan": "76ab0afcdbe8c9685b589016ee1c0e25fe596707",
              "status": "affected",
              "version": "76d2a0493a17d4c8ecc781366850c3c4f8e1a446",
              "versionType": "git"
            },
            {
              "lessThan": "6a97f4118ac07cfdc316433f385dbdc12af5025e",
              "status": "affected",
              "version": "76d2a0493a17d4c8ecc781366850c3c4f8e1a446",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/riscv/kernel/traps.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.15"
            },
            {
              "lessThan": "4.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.234",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.177",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.125",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.72",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.234",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.177",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.125",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.72",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.10",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: Fix sleeping in invalid context in die()\n\ndie() can be called in exception handler, and therefore cannot sleep.\nHowever, die() takes spinlock_t which can sleep with PREEMPT_RT enabled.\nThat causes the following warning:\n\nBUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\nin_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 285, name: mutex\npreempt_count: 110001, expected: 0\nRCU nest depth: 0, expected: 0\nCPU: 0 UID: 0 PID: 285 Comm: mutex Not tainted 6.12.0-rc7-00022-ge19049cf7d56-dirty #234\nHardware name: riscv-virtio,qemu (DT)\nCall Trace:\n    dump_backtrace+0x1c/0x24\n    show_stack+0x2c/0x38\n    dump_stack_lvl+0x5a/0x72\n    dump_stack+0x14/0x1c\n    __might_resched+0x130/0x13a\n    rt_spin_lock+0x2a/0x5c\n    die+0x24/0x112\n    do_trap_insn_illegal+0xa0/0xea\n    _new_vmalloc_restore_context_a0+0xcc/0xd8\nOops - illegal instruction [#1]\n\nSwitch to use raw_spinlock_t, which does not sleep even with PREEMPT_RT\nenabled."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:01:02.848Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8c38baa03ac8e18140faf36a3b955d30cad48e74"
        },
        {
          "url": "https://git.kernel.org/stable/c/10c24df2e303f517fab0359392c11b6b1d553f2b"
        },
        {
          "url": "https://git.kernel.org/stable/c/c21df31fc2a4afc02a6e56511364e9e793ea92ec"
        },
        {
          "url": "https://git.kernel.org/stable/c/f48f060a4b36b5e96628f6c3fb1540f1e8dedb69"
        },
        {
          "url": "https://git.kernel.org/stable/c/76ab0afcdbe8c9685b589016ee1c0e25fe596707"
        },
        {
          "url": "https://git.kernel.org/stable/c/6a97f4118ac07cfdc316433f385dbdc12af5025e"
        }
      ],
      "title": "riscv: Fix sleeping in invalid context in die()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-57939",
    "datePublished": "2025-01-21T12:18:08.433Z",
    "dateReserved": "2025-01-19T11:50:08.378Z",
    "dateUpdated": "2026-05-11T21:01:02.848Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-57939",
      "date": "2026-06-26",
      "epss": "0.00203",
      "percentile": "0.10303"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-57939\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-01-21T13:15:07.903\",\"lastModified\":\"2025-11-03T21:18:45.567\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nriscv: Fix sleeping in invalid context in die()\\n\\ndie() can be called in exception handler, and therefore cannot sleep.\\nHowever, die() takes spinlock_t which can sleep with PREEMPT_RT enabled.\\nThat causes the following warning:\\n\\nBUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\\nin_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 285, name: mutex\\npreempt_count: 110001, expected: 0\\nRCU nest depth: 0, expected: 0\\nCPU: 0 UID: 0 PID: 285 Comm: mutex Not tainted 6.12.0-rc7-00022-ge19049cf7d56-dirty #234\\nHardware name: riscv-virtio,qemu (DT)\\nCall Trace:\\n    dump_backtrace+0x1c/0x24\\n    show_stack+0x2c/0x38\\n    dump_stack_lvl+0x5a/0x72\\n    dump_stack+0x14/0x1c\\n    __might_resched+0x130/0x13a\\n    rt_spin_lock+0x2a/0x5c\\n    die+0x24/0x112\\n    do_trap_insn_illegal+0xa0/0xea\\n    _new_vmalloc_restore_context_a0+0xcc/0xd8\\nOops - illegal instruction [#1]\\n\\nSwitch to use raw_spinlock_t, which does not sleep even with PREEMPT_RT\\nenabled.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: riscv: Se ha corregido la suspensi\u00f3n en un contexto no v\u00e1lido en die(). die() se puede llamar en el controlador de excepciones y, por lo tanto, no puede suspenderse. Sin embargo, die() utiliza spinlock_t, que puede suspenderse con PREEMPT_RT habilitado. Esto provoca la siguiente advertencia: ERROR: funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido en kernel/locking/spinlock_rt.c:48 in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 285, name: mutex preempt_count: 110001, expected: 0 RCU nest depth: 0, expected: 0 CPU: 0 UID: 0 PID: 285 Comm: mutex Not tainted 6.12.0-rc7-00022-ge19049cf7d56-dirty #234 Hardware name: riscv-virtio,qemu (DT) Call Trace: dump_backtrace+0x1c/0x24 show_stack+0x2c/0x38 dump_stack_lvl+0x5a/0x72 dump_stack+0x14/0x1c __might_resched+0x130/0x13a rt_spin_lock+0x2a/0x5c die+0x24/0x112 do_trap_insn_illegal+0xa0/0xea _new_vmalloc_restore_context_a0+0xcc/0xd8 Oops - illegal instruction [#1] Switch to use raw_spinlock_t, que no duerme incluso con PREEMPT_RT habilitado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"5.10.234\",\"matchCriteriaId\":\"DFFECED7-92AA-4272-93E6-4CE1FEF09311\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndIncluding\":\"5.15.177\",\"matchCriteriaId\":\"C5648890-5913-406E-BC9E-26225C14B258\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndIncluding\":\"6.1.125\",\"matchCriteriaId\":\"629B36DA-23BD-45D8-81C8-C5474699FD34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndIncluding\":\"6.6.72\",\"matchCriteriaId\":\"CDE25C8B-249A-41AA-A4DD-67E6483DB77B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndIncluding\":\"6.12.10\",\"matchCriteriaId\":\"C89187C1-166D-427C-8E39-44F014D502FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"62567B3C-6CEE-46D0-BC2E-B3717FBF7D13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A073481-106D-4B15-B4C7-FB0213B8E1D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE491969-75AE-4A6B-9A58-8FC5AF98798F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"93C0660D-7FB8-4FBA-892A-B064BA71E49E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"034C36A6-C481-41F3-AE9A-D116E5BE6895\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AF9DC49-2085-4FFB-A7E3-73DFAFECC7F2\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/10c24df2e303f517fab0359392c11b6b1d553f2b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6a97f4118ac07cfdc316433f385dbdc12af5025e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/76ab0afcdbe8c9685b589016ee1c0e25fe596707\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8c38baa03ac8e18140faf36a3b955d30cad48e74\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c21df31fc2a4afc02a6e56511364e9e793ea92ec\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/f48f060a4b36b5e96628f6c3fb1540f1e8dedb69\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T20:56:06.960Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-57939\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-01T19:52:46.665901Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-01T15:57:40.344Z\"}}], \"cna\": {\"title\": \"riscv: Fix sleeping in invalid context in die()\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"76d2a0493a17d4c8ecc781366850c3c4f8e1a446\", \"lessThan\": \"8c38baa03ac8e18140faf36a3b955d30cad48e74\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"76d2a0493a17d4c8ecc781366850c3c4f8e1a446\", \"lessThan\": \"10c24df2e303f517fab0359392c11b6b1d553f2b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"76d2a0493a17d4c8ecc781366850c3c4f8e1a446\", \"lessThan\": \"c21df31fc2a4afc02a6e56511364e9e793ea92ec\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"76d2a0493a17d4c8ecc781366850c3c4f8e1a446\", \"lessThan\": \"f48f060a4b36b5e96628f6c3fb1540f1e8dedb69\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"76d2a0493a17d4c8ecc781366850c3c4f8e1a446\", \"lessThan\": \"76ab0afcdbe8c9685b589016ee1c0e25fe596707\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"76d2a0493a17d4c8ecc781366850c3c4f8e1a446\", \"lessThan\": \"6a97f4118ac07cfdc316433f385dbdc12af5025e\", \"versionType\": \"git\"}], \"programFiles\": [\"arch/riscv/kernel/traps.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.15\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.15\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.10.234\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.177\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.125\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.72\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.12.10\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.12.*\"}, {\"status\": \"unaffected\", \"version\": \"6.13\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"arch/riscv/kernel/traps.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/8c38baa03ac8e18140faf36a3b955d30cad48e74\"}, {\"url\": \"https://git.kernel.org/stable/c/10c24df2e303f517fab0359392c11b6b1d553f2b\"}, {\"url\": \"https://git.kernel.org/stable/c/c21df31fc2a4afc02a6e56511364e9e793ea92ec\"}, {\"url\": \"https://git.kernel.org/stable/c/f48f060a4b36b5e96628f6c3fb1540f1e8dedb69\"}, {\"url\": \"https://git.kernel.org/stable/c/76ab0afcdbe8c9685b589016ee1c0e25fe596707\"}, {\"url\": \"https://git.kernel.org/stable/c/6a97f4118ac07cfdc316433f385dbdc12af5025e\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nriscv: Fix sleeping in invalid context in die()\\n\\ndie() can be called in exception handler, and therefore cannot sleep.\\nHowever, die() takes spinlock_t which can sleep with PREEMPT_RT enabled.\\nThat causes the following warning:\\n\\nBUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\\nin_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 285, name: mutex\\npreempt_count: 110001, expected: 0\\nRCU nest depth: 0, expected: 0\\nCPU: 0 UID: 0 PID: 285 Comm: mutex Not tainted 6.12.0-rc7-00022-ge19049cf7d56-dirty #234\\nHardware name: riscv-virtio,qemu (DT)\\nCall Trace:\\n    dump_backtrace+0x1c/0x24\\n    show_stack+0x2c/0x38\\n    dump_stack_lvl+0x5a/0x72\\n    dump_stack+0x14/0x1c\\n    __might_resched+0x130/0x13a\\n    rt_spin_lock+0x2a/0x5c\\n    die+0x24/0x112\\n    do_trap_insn_illegal+0xa0/0xea\\n    _new_vmalloc_restore_context_a0+0xcc/0xd8\\nOops - illegal instruction [#1]\\n\\nSwitch to use raw_spinlock_t, which does not sleep even with PREEMPT_RT\\nenabled.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.234\", \"versionStartIncluding\": \"4.15\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.177\", \"versionStartIncluding\": \"4.15\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.125\", \"versionStartIncluding\": \"4.15\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.72\", \"versionStartIncluding\": \"4.15\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.12.10\", \"versionStartIncluding\": \"4.15\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.13\", \"versionStartIncluding\": \"4.15\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T10:07:05.839Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-57939\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-03T20:56:06.960Z\", \"dateReserved\": \"2025-01-19T11:50:08.378Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2025-01-21T12:18:08.433Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.