CVE-2024-36970

MEDIUM

Linux Kernel 6.9-6.9.1 - Deadlock via iwlwifi LED Worker Thread Contention

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Use request_module_nowait This appears to work around a deadlock regression that came in with the LED merge in 6.9. The deadlock happens on my system with 24 iwlwifi radios, so maybe it something like all worker threads are busy and some work that needs to complete cannot complete. [also remove unnecessary "load_module" var and now-wrong comment]

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/d20013259539e2fde2deeac85354851097afdf9e

Patch

https://git.kernel.org/stable/c/3d913719df14c28c4d3819e7e6d150760222bda4

Scores

CVSS v3 5.5

EPSS 0.0014

EPSS Percentile 3.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-667

Status published

Products (8)

linux/Kernel 6.9.0 - 6.9.2linux

Linux/Linux < 6.9

Linux/Linux 6.10

Linux/Linux 6.9

Linux/Linux 6.9.2 - 6.9.*

Linux/Linux f5c31bcf604db54470868f3118a60dc4a9ba8813 - 3d913719df14c28c4d3819e7e6d150760222bda4

Linux/Linux f5c31bcf604db54470868f3118a60dc4a9ba8813 - d20013259539e2fde2deeac85354851097afdf9e

linux/linux_kernel 6.9 - 6.9.2

Published Jun 08, 2024

Tracked Since Feb 18, 2026