Homepage
About Snyk

CVE-2024-36970 Affecting kernel-rt-trace-devel package, versions *

Severity

 Recommended
0.0
medium
0
10

Based on CentOS security rating

    Threat Intelligence

    EPSS
    0.04% (10th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-CENTOS7-KERNELRTTRACEDEVEL-7275382
  • published 19 Jun 2024
  • disclosed 8 Jun 2024
Report a new vulnerability Found a mistake?

Introduced: 8 Jun 2024

New CVE-2024-36970 Open this link in a new tab

How to fix?

There is no fixed version for Centos:7 kernel-rt-trace-devel.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-rt-trace-devel package and not the kernel-rt-trace-devel package as distributed by Centos. See How to fix? for Centos:7 relevant fixed versions and status.

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: Use request_module_nowait

This appears to work around a deadlock regression that came in with the LED merge in 6.9.

The deadlock happens on my system with 24 iwlwifi radios, so maybe it something like all worker threads are busy and some work that needs to complete cannot complete.

[also remove unnecessary "load_module" var and now-wrong comment]

CVSS Scores

version 3.1
Expand this section

Red Hat

5.5 medium
  • Attack Vector (AV)
    Local
  • Attack Complexity (AC)
    Low
  • Privileges Required (PR)
    Low
  • User Interaction (UI)
    None
  • Scope (S)
    Unchanged
  • Confidentiality (C)
    None
  • Integrity (I)
    None
  • Availability (A)
    High