CVE-2024-43872

MEDIUM

Linux Kernel 4.16-6.10.3 - Denial of Service via RDMA/hns CEQE Interrupt Handler

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load. Handle CEQEs in BH workqueue and set an upper limit for the number of CEQE handled by a single call of work handler.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/06580b33c183c9f98e2a2ca96a86137179032c08

Patch

https://git.kernel.org/stable/c/2fdf34038369c0a27811e7b4680662a14ada1d6b

Scores

CVSS v3 5.5

EPSS 0.0014

EPSS Percentile 4.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-667

Status published

Products (8)

linux/Kernel 4.16.0 - 6.10.3linux

Linux/Linux < 4.16

Linux/Linux 4.16

Linux/Linux 6.10.3 - 6.10.*

Linux/Linux 6.11

Linux/Linux a5073d6054f75d7c94b3354206eec4b804d2fbd4 - 06580b33c183c9f98e2a2ca96a86137179032c08

Linux/Linux a5073d6054f75d7c94b3354206eec4b804d2fbd4 - 2fdf34038369c0a27811e7b4680662a14ada1d6b

linux/linux_kernel 4.16 - 6.10.3

Published Aug 21, 2024

Tracked Since Feb 18, 2026