CVE-2024-41036: Vulnerability in Linux Linux

High
Published: Mon Jul 29 2024 (07/29/2024, 14:31:50 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

net: ks8851: Fix deadlock with the SPI chip variant

When SMP is enabled and spinlocks are actually functional then there is a deadlock with the 'statelock' spinlock between ks8851_start_xmit_spi and ks8851_irq:

    watchdog: BUG: soft lockup - CPU#0 stuck for 27s!
    call trace:
      queued_spin_lock_slowpath+0x100/0x284
      do_raw_spin_lock+0x34/0x44
      ks8851_start_xmit_spi+0x30/0xb8
      ks8851_start_xmit+0x14/0x20
      netdev_start_xmit+0x40/0x6c
      dev_hard_start_xmit+0x6c/0xbc
      sch_direct_xmit+0xa4/0x22c
      __qdisc_run+0x138/0x3fc
      qdisc_run+0x24/0x3c
      net_tx_action+0xf8/0x130
      handle_softirqs+0x1ac/0x1f0
      __do_softirq+0x14/0x20
      ____do_softirq+0x10/0x1c
      call_on_irq_stack+0x3c/0x58
      do_softirq_own_stack+0x1c/0x28
      __irq_exit_rcu+0x54/0x9c
      irq_exit_rcu+0x10/0x1c
      el1_interrupt+0x38/0x50
      el1h_64_irq_handler+0x18/0x24
      el1h_64_irq+0x64/0x68
      __netif_schedule+0x6c/0x80
      netif_tx_wake_queue+0x38/0x48
      ks8851_irq+0xb8/0x2c8
      irq_thread_fn+0x2c/0x74
      irq_thread+0x10c/0x1b0
      kthread+0xc8/0xd8
      ret_from_fork+0x10/0x20

This issue has not been identified earlier because tests were done on a device with SMP disabled and so spinlocks were actually NOPs.

Now use spin_(un)lock_bh for TX queue related locking to avoid execution of softirq work synchronously that would lead to a deadlock.

AI-Powered Analysis

Last updated: 06/28/2025, 04:25:43 UTC

Technical Analysis

CVE-2024-41036 is a vulnerability in the Linux kernel's network driver for the KS8851 SPI Ethernet chip variant. The issue arises specifically when Symmetric Multi-Processing (SMP) is enabled, which means multiple CPUs or cores are active and spinlocks are functional. The vulnerability is a deadlock on the 'statelock' spinlock between two driver functions, ks8851_start_xmit_spi and ks8851_irq. It manifests as a soft lockup in which CPU#0 is stuck for an extended period (e.g., 27 seconds), effectively halting network transmission on affected devices.

The root cause is that the locking used for the TX queue allows softirq work to execute synchronously, so the spinlock deadlocks under SMP conditions. In the reported call trace, ks8851_irq calls netif_tx_wake_queue, an interrupt arrives, and the softirq work run on interrupt exit (net_tx_action) enters ks8851_start_xmit_spi, which then spins in do_raw_spin_lock. The problem was not detected earlier because testing was performed on devices with SMP disabled, where spinlocks are essentially no-ops and do not cause deadlocks. The fix replaces the spinlock calls with the spin_(un)lock_bh variants, which disable bottom halves and prevent synchronous softirq execution, thereby avoiding the deadlock.

The vulnerability affects specific Linux kernel versions identified by commit hashes, and no known exploits are reported in the wild as of the publication date. The issue impacts the network subsystem of the Linux kernel, specifically the KS8851 SPI Ethernet driver, which is used in embedded and industrial devices that rely on this chip for network connectivity. The deadlock can cause network transmission to freeze, leading to degraded system performance or denial of network service on affected systems.

Potential Impact

For European organizations, the impact of CVE-2024-41036 depends largely on the deployment of Linux systems using the KS8851 SPI Ethernet chip variant, particularly in embedded, industrial, or specialized networking equipment. Organizations relying on such hardware for critical network connectivity could experience network outages or degraded performance due to the deadlock-induced soft lockups. This can affect operational technology environments, manufacturing systems, or network appliances that use this driver. The deadlock can cause partial denial of service by halting network transmissions, potentially disrupting business operations, communications, or automated processes. While this vulnerability does not directly lead to remote code execution or data leakage, the availability impact can be significant in environments where uptime and network reliability are critical. European sectors such as manufacturing, energy, transportation, and telecommunications that use embedded Linux devices with this chip may face operational risks. Additionally, the lack of known exploits suggests that the threat is currently theoretical, but the vulnerability should be addressed promptly to avoid future exploitation or accidental system failures.

Mitigation Recommendations

To mitigate CVE-2024-41036, European organizations should:

1) Identify Linux systems and embedded devices using the KS8851 SPI Ethernet chip and verify the kernel versions against the affected commits.
2) Apply the official Linux kernel patches that replace the problematic spinlock usage with spin_(un)lock_bh to prevent deadlocks. If using vendor-specific kernels or distributions, coordinate with vendors for timely updates.
3) For systems where immediate patching is not feasible, consider disabling SMP if operationally acceptable, as the issue only manifests when SMP is enabled. However, this is a temporary workaround and may degrade performance.
4) Monitor system logs for soft lockup warnings or network transmission stalls that could indicate the deadlock condition.
5) Implement rigorous testing of kernel updates in staging environments that replicate SMP-enabled configurations to detect similar concurrency issues.
6) Engage with hardware and software vendors to ensure that embedded devices receive timely firmware and kernel updates addressing this vulnerability.
7) Maintain network redundancy and failover mechanisms to minimize operational impact in case affected devices experience outages.
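The log monitoring recommended above can be narrowed to this specific deadlock. The following is an added example, not code from the advisory or the kernel project: it scans kernel log text for soft-lockup reports whose call trace shows ks8851_start_xmit_spi spinning on a lock above ks8851_irq, the frame order in the trace quoted in the description. The sample log is constructed (abridged from that trace), and example_busy_loop is a hypothetical symbol.

```python
import re

LOCKUP = re.compile(r"BUG: soft lockup - CPU#(\d+) stuck for (\d+)s")
FRAME = re.compile(r"^(?:\[[^\]]*\])?\s*(?:\?\s*)?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
LOCK_FRAMES = {"queued_spin_lock_slowpath", "do_raw_spin_lock"}

def find_lockups(log_text):
    """Return one dict per soft-lockup report; frames are innermost first."""
    reports, cur, in_trace = [], None, False
    for line in log_text.splitlines():
        m = LOCKUP.search(line)
        if m:
            cur = {"cpu": int(m[1]), "seconds": int(m[2]), "frames": []}
            reports.append(cur)
            in_trace = False
        elif cur is not None and "call trace" in line.lower():
            in_trace = True
        elif in_trace:
            f = FRAME.match(line)
            if f:
                cur["frames"].append(f[1])
            else:
                in_trace = False  # first non-frame line ends this trace
    return reports

def is_ks8851_deadlock(frames):
    """True when the TX path spins on a lock above ks8851_irq in one stack."""
    if "ks8851_start_xmit_spi" not in frames or "ks8851_irq" not in frames:
        return False
    xmit, irq = frames.index("ks8851_start_xmit_spi"), frames.index("ks8851_irq")
    return xmit < irq and any(f in LOCK_FRAMES for f in frames[:xmit])

def scan(log_text):
    """Return (cpu, seconds) for each lockup matching the signature."""
    return [(r["cpu"], r["seconds"]) for r in find_lockups(log_text)
            if is_ks8851_deadlock(r["frames"])]

# Constructed sample: frames abridged from the trace in the description,
# followed by an unrelated lockup (example_busy_loop is hypothetical).
PAGE_FRAMES = ["queued_spin_lock_slowpath+0x100/0x284", "do_raw_spin_lock+0x34/0x44",
               "ks8851_start_xmit_spi+0x30/0xb8", "net_tx_action+0xf8/0x130",
               "handle_softirqs+0x1ac/0x1f0", "el1h_64_irq+0x64/0x68",
               "netif_tx_wake_queue+0x38/0x48", "ks8851_irq+0xb8/0x2c8"]
SAMPLE = "\n".join(
    ["watchdog: BUG: soft lockup - CPU#0 stuck for 27s!", "call trace:"]
    + [" " + f for f in PAGE_FRAMES]
    + ["watchdog: BUG: soft lockup - CPU#1 stuck for 22s!", "Call trace:",
       " example_busy_loop+0x10/0x40"])

if __name__ == "__main__":
    print(scan(SAMPLE))
```

Feed it the output of `dmesg` or `journalctl -k`; a match on a patched kernel would point to a different locking problem that needs its own investigation.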

Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-07-12T12:17:45.620Z
CISA Enriched: true
CVSS Version: null
State: PUBLISHED

Threat ID: 682d9821c4522896dcbddf3b

Added to database: 5/21/2025, 9:08:49 AM

Last enriched: 6/28/2025, 4:25:43 AM

Last updated: 8/16/2025, 8:31:09 PM
