CVE-2024-46829: rtmutex: Drop rt_mutex::wait_lock before scheduling
Description
In the Linux kernel, the following vulnerability has been resolved:
rtmutex: Drop rt_mutex::wait_lock before scheduling
rt_mutex_handle_deadlock() is called with rt_mutex::wait_lock held. In the
good case it returns with the lock held and in the deadlock case it emits a
warning and goes into an endless scheduling loop with the lock held, which
triggers the 'scheduling in atomic' warning.
Unlock rt_mutex::wait_lock in the dead lock case before issuing the warning
and dropping into the schedule for ever loop.
[ tglx: Moved unlock before the WARN(), removed the pointless comment,
massaged changelog, added Fixes tag ]
Classification
CVE ID: CVE-2024-46829
CVSS Base Severity: MEDIUM
CVSS Base Score: 5.5
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
Vendor: Linux
Product: Linux
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.03% (probability of being exploited)
EPSS Percentile: 7.57% (scored less or equal to compared to others)
EPSS Date: 2025-06-02 (when was this score calculated)
Stakeholder-Specific Vulnerability Categorization (SSVC)
SSVC Exploitation: none
SSVC Technical Impact: partial
SSVC Automatable: false
References
https://nvd.nist.gov/vuln/detail/CVE-2024-46829https://git.kernel.org/stable/c/432efdbe7da5ecfcbc0c2180cfdbab1441752a38
https://git.kernel.org/stable/c/6a976e9a47e8e5b326de671811561cab12e6fb1f
https://git.kernel.org/stable/c/1401da1486dc1cdbef6025fd74a3977df3a3e5d0
https://git.kernel.org/stable/c/93f44655472d9cd418293d328f9d141ca234ad83
https://git.kernel.org/stable/c/a92d81c9efec9280681c27a2c0a963fd0f1338e0
https://git.kernel.org/stable/c/85f03ca98e07cd0786738b56ae73740bce0ac27f
https://git.kernel.org/stable/c/f13b5afc5c4889569d84c3011ce449f61fccfb28
https://git.kernel.org/stable/c/d33d26036a0274b472299d7dcdaa5fb34329f91b