Race Condition The advisory has been revoked - it doesn't affect any version of package kernel-kdump  (opens in a new tab)


Threat Intelligence

EPSS
0.01% (2nd percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-CENTOS7-KERNELKDUMP-8875656
  • published28 Feb 2025
  • disclosed28 Dec 2024

Introduced: 28 Dec 2024

CVE-2024-56706  (opens in a new tab)
CWE-366  (opens in a new tab)

Amendment

The Centos security team deemed this advisory irrelevant for Centos:7.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-kdump package and not the kernel-kdump package as distributed by Centos.

In the Linux kernel, the following vulnerability has been resolved:

s390/cpum_sf: Fix and protect memory allocation of SDBs with mutex

Reservation of the PMU hardware is done at first event creation and is protected by a pair of mutex_lock() and mutex_unlock(). After reservation of the PMU hardware the memory required for the PMUs the event is to be installed on is allocated by allocate_buffers() and alloc_sampling_buffer(). This done outside of the mutex protection. Without mutex protection two or more concurrent invocations of perf_event_init() may run in parallel. This can lead to allocation of Sample Data Blocks (SDBs) multiple times for the same PMU. Prevent this and protect memory allocation of SDBs by mutex.