CVE-2024-35968: Vulnerability in the Linux kernel
In the Linux kernel, the following vulnerability has been resolved:

pds_core: Fix pdsc_check_pci_health function to use work thread

When the driver notices fw_status == 0xff it tries to perform a PCI reset on itself via pci_reset_function() in the context of the driver's health thread. However, pdsc_reset_prepare calls pdsc_stop_health_thread(), which attempts to stop/flush the health thread. This results in a deadlock because the stop/flush will never complete since the driver called pci_reset_function() from the health thread context.

Fix by changing the pdsc_check_pci_health_function() to queue a newly introduced pdsc_pci_reset_thread() on the pdsc's work queue.

Unloading the driver in the fw_down/dead state uncovered another issue, which can be seen in the following trace:

    WARNING: CPU: 51 PID: 6914 at kernel/workqueue.c:1450 __queue_work+0x358/0x440
    [...]
    RIP: 0010:__queue_work+0x358/0x440
    [...]
    Call Trace:
     <TASK>
     ? __warn+0x85/0x140
     ? __queue_work+0x358/0x440
     ? report_bug+0xfc/0x1e0
     ? handle_bug+0x3f/0x70
     ? exc_invalid_op+0x17/0x70
     ? asm_exc_invalid_op+0x1a/0x20
     ? __queue_work+0x358/0x440
     queue_work_on+0x28/0x30
     pdsc_devcmd_locked+0x96/0xe0 [pds_core]
     pdsc_devcmd_reset+0x71/0xb0 [pds_core]
     pdsc_teardown+0x51/0xe0 [pds_core]
     pdsc_remove+0x106/0x200 [pds_core]
     pci_device_remove+0x37/0xc0
     device_release_driver_internal+0xae/0x140
     driver_detach+0x48/0x90
     bus_remove_driver+0x6d/0xf0
     pci_unregister_driver+0x2e/0xa0
     pdsc_cleanup_module+0x10/0x780 [pds_core]
     __x64_sys_delete_module+0x142/0x2b0
     ? syscall_trace_enter.isra.18+0x126/0x1a0
     do_syscall_64+0x3b/0x90
     entry_SYSCALL_64_after_hwframe+0x72/0xdc
    RIP: 0033:0x7fbd9d03a14b
    [...]

Fix this by preventing the devcmd reset if the FW is not running.
AI Analysis
Technical Summary
CVE-2024-35968 is a vulnerability in the Linux kernel's pds_core driver, in the way PCI device resets are handled from the driver's health monitoring thread. When the driver reads a firmware status of 0xff, the health thread attempts to reset the device by calling pci_reset_function() on itself. As part of that reset, the driver's pdsc_reset_prepare callback runs and calls pdsc_stop_health_thread(), which tries to stop and flush the health thread. Because pci_reset_function() was called from the very thread that is being stopped, the stop/flush can never complete, and the reset path deadlocks. That deadlock hangs the driver and can stall the system, affecting stability and availability. A second problem appears when the driver is unloaded while the firmware is down or dead: the teardown path issues a devcmd reset, which ends up queueing work on the driver's work queue during removal, producing the kernel WARNING shown in the trace and possibly a crash. The fix has two parts: pdsc_check_pci_health_function() now queues a newly introduced pdsc_pci_reset_thread() on the driver's work queue instead of resetting directly from the health thread, which removes the deadlock, and the devcmd reset is skipped when the firmware is not running, which removes the warning during unload. Affected kernels are those containing the vulnerable pds_core code, as identified by the affected commit hashes listed in the CVE record. No exploits are known in the wild; the flaw is triggered by conditions that make the firmware report a 0xff status or by the driver unload sequence, and its effect is denial of service through system hangs or crashes.
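To make the two defects and the two-part fix concrete, the following is an added user-space model written in Python for this page; it is not pds_core code. Method names follow the commit message (pdsc_check_pci_health, pdsc_stop_health_thread, pdsc_pci_reset_thread, pdsc_devcmd_reset), while the class, the fake work queue, the string return values, and the assumption that a devcmd issued against dead firmware fails and queues follow-up work during unload are constructed for illustration. Python's Thread.join() refuses to wait on the calling thread and raises RuntimeError, which stands in for the kernel stop/flush that never returns. The `fixed` flag applies both parts of the patch at once.

```python
# Added user-space model of the two defects fixed for CVE-2024-35968. Not pds_core
# code: method names mirror the commit message; class, fake work queue, return
# values and timings are constructed for illustration.
import queue
import threading
import time

FW_STATUS_DEAD = 0xFF  # fw_status value the driver treats as "firmware dead"


class PdscModel:
    """One pds_core-like device: firmware state, a health thread, a work queue."""
    def __init__(self, fixed):
        self.fixed = fixed             # True applies both parts of the patch
        self.fw_status = 0
        self.resets_done = 0
        self.reset_queued = False
        self.health_err = None         # error the health thread's reset attempt hit
        self.stop_health = threading.Event()
        self.health_thread = threading.Thread(target=self._health_loop, daemon=True)
        self.wq = queue.Queue()        # single-worker work queue; None = shutdown
        self.wq_alive = True
        self.wq_thread = threading.Thread(target=self._wq_worker, daemon=True)

    def fw_running(self):
        return self.fw_status != FW_STATUS_DEAD

    def pdsc_stop_health_thread(self):
        """Stop and wait for the health thread (kernel: stop/flush). Waiting for
        yourself never finishes; join() refusing with RuntimeError stands in for that."""
        self.stop_health.set()
        self.health_thread.join()

    def pci_reset_function(self):
        """Stand-in for pci_reset_function(): prepare, reset, firmware comes back."""
        self.pdsc_stop_health_thread()     # what pdsc_reset_prepare() does
        self.resets_done += 1
        self.fw_status = 0

    def pdsc_pci_reset_thread(self):
        """Patched path: the reset runs on the work queue, not the health thread."""
        self.pci_reset_function()

    def queue_work(self, fn):
        if not self.wq_alive:              # kernel: the WARNING in __queue_work() on unload
            raise RuntimeError("queue_work on destroyed workqueue")
        self.wq.put(fn)

    def _wq_worker(self):
        while True:
            fn = self.wq.get()
            if fn is None:
                return
            fn()

    def pdsc_check_pci_health(self):
        if self.fw_running() or self.reset_queued:
            return
        self.reset_queued = True
        if self.fixed:
            self.queue_work(self.pdsc_pci_reset_thread)  # defer to the work queue
        else:
            self.pci_reset_function()                    # bug: reset from the health thread

    def _health_loop(self):
        while not self.stop_health.is_set():
            try:
                self.pdsc_check_pci_health()
            except RuntimeError as err:    # the kernel thread would hang here instead
                self.health_err = str(err)
                return
            time.sleep(0.001)

    def pdsc_devcmd_reset(self):
        """devcmd reset from teardown. Model assumption: against dead firmware the devcmd
        fails and pdsc_devcmd_locked() queues follow-up work, as the trace suggests."""
        if self.fixed and not self.fw_running():
            return "skipped"               # the patch: no devcmd reset when FW is not running
        if self.fw_running():
            return "ok"
        self.queue_work(self.pdsc_check_pci_health)
        return "queued"


def run_scenario(fixed):
    """Start the device, let the firmware die, let the health path react, unload."""
    dev = PdscModel(fixed)
    dev.wq_thread.start()
    dev.health_thread.start()
    dev.fw_status = FW_STATUS_DEAD         # firmware now reports 0xff
    dev.health_thread.join(timeout=5)      # ends when stopped (patched) or on the error (bug)
    dev.wq_alive = False                   # unload: work queue torn down before the devcmd reset
    dev.wq.put(None)
    dev.wq_thread.join(timeout=5)
    try:
        teardown = dev.pdsc_devcmd_reset()
    except RuntimeError as err:
        teardown = str(err)
    return {"health_err": dev.health_err, "resets_done": dev.resets_done,
            "fw_running": dev.fw_running(), "teardown": teardown}
```

`run_scenario(False)` reports the self-join error from the health thread, no completed reset, and a queue_work error from teardown; `run_scenario(True)` completes one reset on the worker and tears down cleanly. The design point the fix illustrates is general: any recovery action that may need to stop or flush a thread must be handed to a different execution context rather than run on that thread, and teardown paths must not issue commands whose failure handling queues work on a queue that is already going away.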
Potential Impact
For European organizations running Linux systems, particularly those with hardware managed by the pds_core driver (likely PCI devices from specific vendors), the risk is mainly to availability and stability. A deadlock or kernel crash takes the system down, disrupting services in sectors such as finance, healthcare, telecommunications and industrial control, where Linux servers and embedded devices are common. Because the affected paths are the PCI reset and the driver unload, routine maintenance and patching can also be complicated, which adds operational risk. There is no evidence of exploitation in the wild, but an attacker with local access, or with a way to push the firmware into an error state, could trigger a denial of service; in the multi-tenant and cloud environments common in Europe, that would affect the availability of shared infrastructure.
Mitigation Recommendations
European organizations should prioritize updating to Linux kernels that carry the fix for CVE-2024-35968 as soon as their distribution ships them. Because the flaw is in kernel driver behavior, vendor-supplied kernel updates or backported patches are the real remedy. Administrators should inventory the systems that load the pds_core driver or use the related PCI devices and review the firmware health monitoring configuration on them. Where possible, restrict unprivileged access to interfaces that can change firmware status or trigger driver resets. Monitor kernel logs for warnings or hangs tied to PCI device resets and driver unloads. Where patching cannot happen immediately, isolate the affected systems or limit access to them to reduce the chance of triggering the bug. Finally, coordinate with hardware vendors so that firmware is current and compatible with the patched driver and does not report an erroneous status.
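The monitoring recommendation above can be made concrete by scanning kernel logs for the two signatures this bug produces: a WARNING whose call trace passes through pds_core frames (as in the trace quoted on this page) and a hung-task report whose trace does the same. The following is an added Python example, not part of the original page, that groups dmesg-style lines into events and keeps those that touch pds_core. The sample log is constructed: the first block reproduces the page's trace with invented timestamps, the second is an unrelated warning that must not match, and the hung-task block (task name, frames and offsets) is invented to show the shape a stop/flush that never completes would take; it is not a captured signature.

```python
# Added example: pick pds_core-related kernel warnings and hung-task reports out of
# dmesg/journal text. Not part of the original page; SAMPLE_DMESG is constructed.
import re

TS_RE = re.compile(r"^\[\s*\d+\.\d+\]\s?")   # dmesg "[  512.001122] " prefix
WARN_RE = re.compile(r"^WARNING: CPU: (\d+) PID: (\d+) at (\S+) ([\w.]+)\+0x")
HUNG_RE = re.compile(r"^INFO: task (\S+):(\d+) blocked for more than (\d+) seconds")
# one call-trace frame, e.g. "? __warn+0x85/0x140" or "pdsc_teardown+0x51/0xe0 [pds_core]"
FRAME_RE = re.compile(r"^(?:\? )?([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[([\w-]+)\])?$")

# Constructed sample. Block 1 reproduces the trace quoted on this page (timestamps
# invented); block 2 is an unrelated warning that must not match; block 3 is an
# invented hung-task report showing the shape of a stop/flush that never completes.
SAMPLE_DMESG = """\
[  512.001122] WARNING: CPU: 51 PID: 6914 at kernel/workqueue.c:1450 __queue_work+0x358/0x440
[  512.001130] RIP: 0010:__queue_work+0x358/0x440
[  512.001140] Call Trace:
[  512.001141]  <TASK>
[  512.001142]  ? __warn+0x85/0x140
[  512.001145]  ? __queue_work+0x358/0x440
[  512.001150]  queue_work_on+0x28/0x30
[  512.001155]  pdsc_devcmd_locked+0x96/0xe0 [pds_core]
[  512.001160]  pdsc_devcmd_reset+0x71/0xb0 [pds_core]
[  512.001165]  pdsc_teardown+0x51/0xe0 [pds_core]
[  512.001170]  pdsc_remove+0x106/0x200 [pds_core]
[  512.001175]  pci_device_remove+0x37/0xc0
[  512.001180]  __x64_sys_delete_module+0x142/0x2b0
[  512.001185]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[  512.001195] RIP: 0033:0x7fbd9d03a14b
[  512.001200]  </TASK>
[  512.001205] ---[ end trace 0000000000000000 ]---
[  900.500000] WARNING: CPU: 3 PID: 77 at drivers/example/other.c:42 other_fn+0x10/0x20 [other_mod]
[  900.500010] Call Trace:
[  900.500011]  <TASK>
[  900.500012]  other_fn+0x10/0x20 [other_mod]
[  900.500013]  </TASK>
[ 1200.000000] INFO: task kworker/u97:2:4321 blocked for more than 122 seconds.
[ 1200.000010] Call Trace:
[ 1200.000011]  <TASK>
[ 1200.000012]  __schedule+0x3a0/0xa90
[ 1200.000013]  schedule+0x5e/0xd0
[ 1200.000016]  __flush_work+0x1e1/0x2d0
[ 1200.000017]  pdsc_stop_health_thread+0x2b/0x40 [pds_core]
[ 1200.000018]  pdsc_reset_prepare+0x1c/0x40 [pds_core]
[ 1200.000019]  </TASK>
"""


def parse_kernel_events(text):
    """Group log lines into events: a WARNING or hung-task header followed by the
    call-trace frames up to </TASK> or the end-of-trace marker."""
    events, cur = [], None
    for raw in text.splitlines():
        line = TS_RE.sub("", raw).strip()
        m = WARN_RE.match(line)
        if m:
            cur = {"kind": "warning", "cpu": int(m[1]), "pid": int(m[2]),
                   "at": m[3], "frames": []}
            events.append(cur)
            continue
        m = HUNG_RE.match(line)
        if m:
            cur = {"kind": "hung_task", "task": m[1], "pid": int(m[2]),
                   "seconds": int(m[3]), "frames": []}
            events.append(cur)
            continue
        if cur is None:
            continue
        m = FRAME_RE.match(line)
        if m:
            cur["frames"].append((m[1], m[2]))      # (symbol, module or None)
        elif line == "</TASK>" or line.startswith("---[ end trace"):
            cur = None
    return events


def pds_core_incidents(text, module="pds_core"):
    """Keep only events whose trace passes through the module, and name the driver
    frames so an alert can say which path fired (teardown, reset_prepare, ...)."""
    hits = []
    for ev in parse_kernel_events(text):
        mod_frames = [sym for sym, mod in ev["frames"] if mod == module]
        if mod_frames:
            hits.append({**ev, "module_frames": mod_frames})
    return hits


if __name__ == "__main__":
    for hit in pds_core_incidents(SAMPLE_DMESG):
        print(hit["kind"], "pid", hit["pid"], "via", " <- ".join(hit["module_frames"]))
```

Feed it `journalctl -k -o short-monotonic` output or the contents of `dmesg`; the prefix regex strips the monotonic timestamp and everything else is matched on the kernel's own line formats. Keying the alert on module frames rather than on the WARNING text alone keeps unrelated warnings from other drivers out of the pds_core signal, and the frame list tells the responder whether the event came from the unload path (pdsc_teardown) or the reset path (pdsc_reset_prepare).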
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-05-17T13:50:33.140Z
- CISA Enriched: true
- CVSS Version: null
- State: PUBLISHED
Threat ID: 682d9828c4522896dcbe230d
Added to database: 5/21/2025, 9:08:56 AM
Last enriched: 6/29/2025, 8:41:03 AM
Last updated: 7/30/2025, 2:45:44 PM