Vulnerability Details CVE-2024-36887
In the Linux kernel, the following vulnerability has been resolved:
e1000e: change usleep_range to udelay in PHY mdic access
This is a partial revert of commit 6dbdd4de0362 ("e1000e: Workaround
for sporadic MDI error on Meteor Lake systems"). The referenced commit
used usleep_range inside the PHY access routines, which are sometimes
called from an atomic context. This can lead to a kernel panic in some
scenarios, such as cable disconnection and reconnection on vPro systems.
Solve this by changing the usleep_range calls back to udelay.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.8%
CVSS Severity
CVSS v3 Score 5.5
References
- https://git.kernel.org/stable/c/387f295cb2150ed164905b648d76dfcbd3621778
- https://git.kernel.org/stable/c/950d5226cd6bb83ba720961a8d4d5cf79e6afd57
- https://git.kernel.org/stable/c/f8a139656c95db893a543159873c57a470d7376d
- https://git.kernel.org/stable/c/387f295cb2150ed164905b648d76dfcbd3621778
- https://git.kernel.org/stable/c/950d5226cd6bb83ba720961a8d4d5cf79e6afd57
- https://git.kernel.org/stable/c/f8a139656c95db893a543159873c57a470d7376d
Products affected by CVE-2024-36887
-
cpe:2.3:o:linux:linux_kernel:6.6.26
-
cpe:2.3:o:linux:linux_kernel:6.6.27
-
cpe:2.3:o:linux:linux_kernel:6.6.28
-
cpe:2.3:o:linux:linux_kernel:6.6.29
-
cpe:2.3:o:linux:linux_kernel:6.6.30
-
cpe:2.3:o:linux:linux_kernel:6.8.5
-
cpe:2.3:o:linux:linux_kernel:6.8.6
-
cpe:2.3:o:linux:linux_kernel:6.8.7
-
cpe:2.3:o:linux:linux_kernel:6.8.8
-
cpe:2.3:o:linux:linux_kernel:6.8.9
-
cpe:2.3:o:linux:linux_kernel:6.9