{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2024-40980", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-12T12:17:45.604Z", "datePublished": "2024-07-12T12:32:15.569Z", "dateUpdated": "2026-05-12T11:56:03.129Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T20:23:34.271Z" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: replace spin_lock by raw_spin_lock\n\ntrace_drop_common() is called with preemption disabled, and it acquires\na spin_lock. This is problematic for RT kernels because spin_locks are\nsleeping locks in this configuration, which causes the following splat:\n\nBUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\nin_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 449, name: rcuc/47\npreempt_count: 1, expected: 0\nRCU nest depth: 2, expected: 2\n5 locks held by rcuc/47/449:\n #0: ff1100086ec30a60 ((softirq_ctrl.lock)){+.+.}-{2:2}, at: __local_bh_disable_ip+0x105/0x210\n #1: ffffffffb394a280 (rcu_read_lock){....}-{1:2}, at: rt_spin_lock+0xbf/0x130\n #2: ffffffffb394a280 (rcu_read_lock){....}-{1:2}, at: __local_bh_disable_ip+0x11c/0x210\n #3: ffffffffb394a160 (rcu_callback){....}-{0:0}, at: rcu_do_batch+0x360/0xc70\n #4: ff1100086ee07520 (&data->lock){+.+.}-{2:2}, at: trace_drop_common.constprop.0+0xb5/0x290\nirq event stamp: 139909\nhardirqs last enabled at (139908): [] _raw_spin_unlock_irqrestore+0x63/0x80\nhardirqs last disabled at (139909): [] trace_drop_common.constprop.0+0x26d/0x290\nsoftirqs last enabled at (139892): [] __local_bh_enable_ip+0x103/0x170\nsoftirqs last disabled at (139898): [] rcu_cpu_kthread+0x93/0x1f0\nPreemption disabled at:\n[] rt_mutex_slowunlock+0xab/0x2e0\nCPU: 47 PID: 449 Comm: rcuc/47 Not tainted 6.9.0-rc2-rt1+ #7\nHardware name: Dell Inc. PowerEdge R650/0Y2G81, BIOS 1.6.5 04/15/2022\nCall Trace:\n \n dump_stack_lvl+0x8c/0xd0\n dump_stack+0x14/0x20\n __might_resched+0x21e/0x2f0\n rt_spin_lock+0x5e/0x130\n ? trace_drop_common.constprop.0+0xb5/0x290\n ? skb_queue_purge_reason.part.0+0x1bf/0x230\n trace_drop_common.constprop.0+0xb5/0x290\n ? preempt_count_sub+0x1c/0xd0\n ? _raw_spin_unlock_irqrestore+0x4a/0x80\n ? __pfx_trace_drop_common.constprop.0+0x10/0x10\n ? rt_mutex_slowunlock+0x26a/0x2e0\n ? skb_queue_purge_reason.part.0+0x1bf/0x230\n ? __pfx_rt_mutex_slowunlock+0x10/0x10\n ? skb_queue_purge_reason.part.0+0x1bf/0x230\n trace_kfree_skb_hit+0x15/0x20\n trace_kfree_skb+0xe9/0x150\n kfree_skb_reason+0x7b/0x110\n skb_queue_purge_reason.part.0+0x1bf/0x230\n ? __pfx_skb_queue_purge_reason.part.0+0x10/0x10\n ? mark_lock.part.0+0x8a/0x520\n...\n\ntrace_drop_common() also disables interrupts, but this is a minor issue\nbecause we could easily replace it with a local_lock.\n\nReplace the spin_lock with raw_spin_lock to avoid sleeping in atomic\ncontext." } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "net/core/drop_monitor.c" ], "versions": [ { "version": "4ea7e38696c7e798c47ebbecadfd392f23f814f9", "lessThan": "594e47957f3fe034645e6885393ce96c12286334", "status": "affected", "versionType": "git" }, { "version": "4ea7e38696c7e798c47ebbecadfd392f23f814f9", "lessThan": "96941f29ebcc1e9cbf570dc903f30374909562f5", "status": "affected", "versionType": "git" }, { "version": "4ea7e38696c7e798c47ebbecadfd392f23f814f9", "lessThan": "b3722fb69468693555f531cddda5c30444726dac", "status": "affected", "versionType": "git" }, { "version": "4ea7e38696c7e798c47ebbecadfd392f23f814f9", "lessThan": "f251ccef1d864790e5253386e95544420b7cd8f3", "status": "affected", "versionType": "git" }, { "version": "4ea7e38696c7e798c47ebbecadfd392f23f814f9", "lessThan": "76ce2f9125244e1708d29c1d3f9d1d50b347bda0", "status": "affected", "versionType": "git" }, { "version": "4ea7e38696c7e798c47ebbecadfd392f23f814f9", "lessThan": "07ea878684dfb78a9d4f564c39d07e855a9e242e", "status": "affected", "versionType": "git" }, { "version": "4ea7e38696c7e798c47ebbecadfd392f23f814f9", "lessThan": "f1e197a665c2148ebc25fe09c53689e60afea195", "status": "affected", "versionType": "git" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "net/core/drop_monitor.c" ], "versions": [ { "version": "2.6.31", "status": "affected" }, { "version": "0", "lessThan": "2.6.31", "status": "unaffected", "versionType": "semver" }, { "version": "5.4.279", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver" }, { "version": "5.10.221", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver" }, { "version": "5.15.162", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.1.96", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.6.36", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.9.7", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "cpeApplicability": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.31", "versionEndExcluding": "5.4.279" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.31", "versionEndExcluding": "5.10.221" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.31", "versionEndExcluding": "5.15.162" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.31", "versionEndExcluding": "6.1.96" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.31", "versionEndExcluding": "6.6.36" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.31", "versionEndExcluding": "6.9.7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.31", "versionEndExcluding": "6.10" } ] } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/594e47957f3fe034645e6885393ce96c12286334" }, { "url": "https://git.kernel.org/stable/c/96941f29ebcc1e9cbf570dc903f30374909562f5" }, { "url": "https://git.kernel.org/stable/c/b3722fb69468693555f531cddda5c30444726dac" }, { "url": "https://git.kernel.org/stable/c/f251ccef1d864790e5253386e95544420b7cd8f3" }, { "url": "https://git.kernel.org/stable/c/76ce2f9125244e1708d29c1d3f9d1d50b347bda0" }, { "url": "https://git.kernel.org/stable/c/07ea878684dfb78a9d4f564c39d07e855a9e242e" }, { "url": "https://git.kernel.org/stable/c/f1e197a665c2148ebc25fe09c53689e60afea195" } ], "title": "drop_monitor: replace spin_lock by raw_spin_lock", "x_generator": { "engine": "bippy-1.2.0" } }, "adp": [ { "title": "CVE Program Container", "references": [ { "url": "https://git.kernel.org/stable/c/594e47957f3fe034645e6885393ce96c12286334", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/96941f29ebcc1e9cbf570dc903f30374909562f5", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/b3722fb69468693555f531cddda5c30444726dac", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/f251ccef1d864790e5253386e95544420b7cd8f3", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/76ce2f9125244e1708d29c1d3f9d1d50b347bda0", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/07ea878684dfb78a9d4f564c39d07e855a9e242e", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/f1e197a665c2148ebc25fe09c53689e60afea195", "tags": [ "x_transferred" ] }, { "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html" } ], "providerMetadata": { "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T21:58:44.987Z" } }, { "metrics": [ { "other": { "type": "ssvc", "content": { "id": "CVE-2024-40980", "role": "CISA Coordinator", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "version": "2.0.3", "timestamp": "2024-09-10T17:02:23.500077Z" } } } ], "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:21.510Z" } }, { "x_adpType": "supplier", "providerMetadata": { "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e", "shortName": "siemens-SADP", "dateUpdated": "2026-05-12T11:56:03.129Z" }, "affected": [ { "vendor": "Siemens", "product": "RUGGEDCOM RST2428P", "versions": [ { "status": "affected", "version": "0", "lessThan": "V3.1", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "RUGGEDCOM RST2428P", "versions": [ { "status": "unaffected", "version": "0", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family", "versions": [ { "status": "unaffected", "version": "0", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family", "versions": [ { "status": "unaffected", "version": "0", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family", "versions": [ { "status": "affected", "version": "0", "lessThan": "V3.1", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family", "versions": [ { "status": "unaffected", "version": "0", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", "versions": [ { "status": "affected", "version": "0", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" } ], "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-355557.html" } ] } ] } }