{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2024-58093", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-03-06T15:52:09.188Z", "datePublished": "2025-04-16T14:11:42.682Z", "dateUpdated": "2026-05-23T15:56:38.991Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-23T15:56:38.991Z" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/ASPM: Fix link state exit during switch upstream function removal\n\nBefore 456d8aa37d0f (\"PCI/ASPM: Disable ASPM on MFD function removal to\navoid use-after-free\"), we would free the ASPM link only after the last\nfunction on the bus pertaining to the given link was removed.\n\nThat was too late. If function 0 is removed before sibling function,\nlink->downstream would point to free'd memory after.\n\nAfter above change, we freed the ASPM parent link state upon any function\nremoval on the bus pertaining to a given link.\n\nThat is too early. If the link is to a PCIe switch with MFD on the upstream\nport, then removing functions other than 0 first would free a link which\nstill remains parent_link to the remaining downstream ports.\n\nThe resulting GPFs are especially frequent during hot-unplug, because\npciehp removes devices on the link bus in reverse order.\n\nOn that switch, function 0 is the virtual P2P bridge to the internal bus.\nFree exactly when function 0 is removed -- before the parent link is\nobsolete, but after all subordinate links are gone.\n\n[kwilczynski: commit log]" } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "drivers/pci/pcie/aspm.c" ], "versions": [ { "version": "456d8aa37d0f56fc9e985e812496e861dcd6f2f2", "lessThan": "cbf937dcadfd571a434f8074d057b32cd14fbea5", "status": "affected", "versionType": "git" }, { "version": "666e7f9d60cee23077ea3e6331f6f8a19f7ea03f", "status": "affected", "versionType": "git" }, { "version": "7badf4d6f49a358a01ab072bbff88d3ee886c33b", "status": "affected", "versionType": "git" }, { "version": "9856c0de49052174ab474113f4ba40c02aaee086", "status": "affected", "versionType": "git" }, { "version": "7aecdd47910c51707696e8b0e045b9f88bd4230f", "status": "affected", "versionType": "git" }, { "version": "d51d2eeae4ce54d542909c4d9d07bf371a78592c", "status": "affected", "versionType": "git" }, { "version": "4203722d51afe3d239e03f15cc73efdf023a7103", "status": "affected", "versionType": "git" }, { "version": "5.4.251", "lessThan": "5.5", "status": "affected", "versionType": "semver" }, { "version": "5.10.188", "lessThan": "5.11", "status": "affected", "versionType": "semver" }, { "version": "5.15.121", "lessThan": "5.16", "status": "affected", "versionType": "semver" }, { "version": "6.1.39", "lessThan": "6.2", "status": "affected", "versionType": "semver" }, { "version": "6.3.13", "lessThan": "6.4", "status": "affected", "versionType": "semver" }, { "version": "6.4.4", "lessThan": "6.5", "status": "affected", "versionType": "semver" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "drivers/pci/pcie/aspm.c" ], "versions": [ { "version": "6.5", "status": "affected" }, { "version": "0", "lessThan": "6.5", "status": "unaffected", "versionType": "semver" }, { "version": "6.15", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "cpeApplicability": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.15" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.251" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.188" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.121" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.39" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.3.13" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4.4" } ] } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/cbf937dcadfd571a434f8074d057b32cd14fbea5" } ], "title": "PCI/ASPM: Fix link state exit during switch upstream function removal", "x_generator": { "engine": "bippy-1.2.0" } } } }