Deadlock Affecting kernel-zfcpdump-modules-internal package, versions *
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RHEL9-KERNELZFCPDUMPMODULESINTERNAL-7479481
- published 17 Jul 2024
- disclosed 12 Jul 2024
Introduced: 12 Jul 2024
CVE-2024-40967 Open this link in a new tabHow to fix?
There is no fixed version for RHEL:9
kernel-zfcpdump-modules-internal
.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-zfcpdump-modules-internal
package and not the kernel-zfcpdump-modules-internal
package as distributed by RHEL
.
See How to fix?
for RHEL:9
relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
serial: imx: Introduce timeout when waiting on transmitter empty
By waiting at most 1 second for USR2_TXDC to be set, we avoid a potential deadlock.
In case of the timeout, there is not much we can do, so we simply ignore the transmitter state and optimistically try to continue.
References
- https://access.redhat.com/security/cve/CVE-2024-40967
- https://git.kernel.org/stable/c/53b2c95547427c358f45515a9f144efee95e3701
- https://git.kernel.org/stable/c/7f2b9ab6d0b26f16cd38dd9fd91d51899635f7c7
- https://git.kernel.org/stable/c/7f9e70c68b7ace0141fe3bc94bf7b61296b71916
- https://git.kernel.org/stable/c/982ae3376c4c91590d38dc8a676c10f7df048a44
- https://git.kernel.org/stable/c/e533e4c62e9993e62e947ae9bbec34e4c7ae81c2