
CVE-2024-58090: Vulnerability in Linux Linux

High
Published: Thu Mar 27 2025 (03/27/2025, 14:57:02 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

sched/core: Prevent rescheduling when interrupts are disabled

David reported a warning observed while loop testing kexec jump:

  Interrupts enabled after irqrouter_resume+0x0/0x50
  WARNING: CPU: 0 PID: 560 at drivers/base/syscore.c:103 syscore_resume+0x18a/0x220
   kernel_kexec+0xf6/0x180
   __do_sys_reboot+0x206/0x250
   do_syscall_64+0x95/0x180

The corresponding interrupt flag trace:

  hardirqs last enabled at (15573): [<ffffffffa8281b8e>] __up_console_sem+0x7e/0x90
  hardirqs last disabled at (15580): [<ffffffffa8281b73>] __up_console_sem+0x63/0x90

That means __up_console_sem() was invoked with interrupts enabled. Further instrumentation revealed that in the interrupt disabled section of kexec jump one of the syscore_suspend() callbacks woke up a task, which set the NEED_RESCHED flag. A later callback in the resume path invoked cond_resched() which in turn led to the invocation of the scheduler:

  __cond_resched+0x21/0x60
  down_timeout+0x18/0x60
  acpi_os_wait_semaphore+0x4c/0x80
  acpi_ut_acquire_mutex+0x3d/0x100
  acpi_ns_get_node+0x27/0x60
  acpi_ns_evaluate+0x1cb/0x2d0
  acpi_rs_set_srs_method_data+0x156/0x190
  acpi_pci_link_set+0x11c/0x290
  irqrouter_resume+0x54/0x60
  syscore_resume+0x6a/0x200
  kernel_kexec+0x145/0x1c0
  __do_sys_reboot+0xeb/0x240
  do_syscall_64+0x95/0x180

This is a long standing problem, which probably got more visible with the recent printk changes. Something does a task wakeup and the scheduler sets the NEED_RESCHED flag. cond_resched() sees it set and invokes schedule() from a completely bogus context. The scheduler enables interrupts after context switching, which causes the above warning at the end.

Quite some of the code paths in syscore_suspend()/resume() can result in triggering a wakeup with the exactly same consequences. They might not have done so yet, but as they share a lot of code with normal operations it's just a question of time.

The problem only affects the PREEMPT_NONE and PREEMPT_VOLUNTARY scheduling models. Full preemption is not affected as cond_resched() is disabled and the preemption check preemptible() takes the interrupt disabled flag into account.

Cure the problem by adding a corresponding check into cond_resched().

AI-Powered Analysis

Last updated: 06/28/2025, 06:10:27 UTC

Technical Analysis

CVE-2024-58090 is a vulnerability identified in the Linux kernel's scheduler core, specifically affecting the PREEMPT_NONE and PREEMPT_VOLUNTARY scheduling models. The issue arises from improper handling of rescheduling when interrupts are disabled. During the kernel's kexec jump process, a warning was observed indicating that interrupts were enabled after the irqrouter_resume function, which should not occur. The root cause is that within the interrupt-disabled section of the kexec jump, a syscore_suspend() callback wakes up a task, setting the NEED_RESCHED flag. Later, during the resume path, cond_resched() is invoked, which triggers the scheduler to run in an invalid context where interrupts are disabled. This leads to the scheduler enabling interrupts after a context switch, causing warnings and potentially unstable behavior. The problem is longstanding but has become more visible due to recent printk changes. The vulnerability does not affect the fully preemptible scheduling model (PREEMPT_RT) because cond_resched() is disabled there and preemption checks consider the interrupt-disabled state. The fix involves adding a check in cond_resched() to prevent scheduling when interrupts are disabled. This vulnerability could cause kernel instability or crashes during system reboot or kexec operations, especially on systems using the affected scheduling models. No known exploits are reported in the wild, and no CVSS score has been assigned yet.
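
The sequence described above, reduced to a user-space C model. This is an added example, not kernel code and not part of the original advisory. The struct, the function names and the 'patched' switch are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
/* User-space model; names mirror the kernel concepts, none of this is kernel code. */
enum preempt_model { PREEMPT_NONE, PREEMPT_VOLUNTARY, PREEMPT_FULL };
/* irqs_disabled: local interrupt flag; need_resched: set by a task wakeup. */
struct cpu { bool irqs_disabled; bool need_resched; int switches; };

/* The scheduler leaves interrupts enabled after a context switch. */
static void schedule(struct cpu *c)
{
    c->need_resched = false;
    c->switches++;
    c->irqs_disabled = false;
}

/* cond_resched() does nothing under full preemption. Otherwise it calls the
 * scheduler when NEED_RESCHED is set; 'patched' adds the interrupt check. */
static bool cond_resched(struct cpu *c, enum preempt_model m, bool patched)
{
    if (m == PREEMPT_FULL || !c->need_resched)
        return false;
    if (patched && c->irqs_disabled)
        return false; /* bogus context: leave NEED_RESCHED pending */
    schedule(c);
    return true;
}

/* Interrupt-disabled section of kexec jump, reduced to the two events that matter. */
static struct cpu run_kexec_jump(enum preempt_model m, bool patched)
{
    struct cpu c = { .irqs_disabled = true };
    c.need_resched = true;        /* a syscore_suspend() callback wakes a task */
    cond_resched(&c, m, patched); /* a resume callback reaches cond_resched() */
    return c;
}

/* True when the section ends with interrupts enabled (the reported warning). */
static bool kexec_jump_warns(enum preempt_model m, bool patched)
{
    return !run_kexec_jump(m, patched).irqs_disabled;
}

int main(void)
{
    static const char *names[] = { "PREEMPT_NONE", "PREEMPT_VOLUNTARY", "full preemption" };
    for (int m = PREEMPT_NONE; m <= PREEMPT_FULL; m++)
        printf("%-17s unpatched=%s patched=%s\n", names[m],
               kexec_jump_warns(m, false) ? "WARN" : "ok", kexec_jump_warns(m, true) ? "WARN" : "ok");
    return 0;
}
```

With the check in place the wakeup is not lost: NEED_RESCHED stays set in the model and no context switch happens inside the interrupt-disabled section.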

Potential Impact

For European organizations, this vulnerability poses a risk primarily to systems running Linux kernels with PREEMPT_NONE or PREEMPT_VOLUNTARY scheduling models, which are common in many server and embedded environments. The issue could lead to kernel warnings, instability, or crashes during critical operations such as system reboot or kexec jumps, potentially causing downtime or service interruptions. This is particularly impactful for data centers, cloud providers, and enterprises relying on Linux-based infrastructure for critical workloads. While it does not directly lead to privilege escalation or remote code execution, the instability could be exploited by attackers to cause denial of service or disrupt operations. Organizations with high availability requirements or those operating critical infrastructure should be especially cautious. Since the vulnerability is triggered during system reboot or kernel execution transitions, it may also affect automated update and recovery processes, increasing operational risk.

Mitigation Recommendations

European organizations should prioritize updating their Linux kernels to versions that include the patch for CVE-2024-58090 as soon as it becomes available. In the interim, system administrators should audit their kernel configurations to identify if PREEMPT_NONE or PREEMPT_VOLUNTARY scheduling models are in use and consider migrating to fully preemptible kernels (PREEMPT_RT) where feasible, as these are not affected. Additionally, organizations should carefully monitor kernel logs for warnings related to interrupts and scheduler activity, especially during reboot or kexec operations, to detect potential exploitation or instability. Testing kernel updates in staging environments before deployment can help avoid unexpected downtime. For embedded or specialized systems where kernel updates are delayed, applying vendor-specific patches or workarounds that disable problematic syscore_suspend()/resume() callbacks may reduce risk. Finally, maintaining robust backup and recovery procedures will mitigate operational impact if instability occurs.


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2025-03-06T15:52:09.188Z
Cisa Enriched: false
Cvss Version: null
State: PUBLISHED

Threat ID: 682d9822c4522896dcbde359

Added to database: 5/21/2025, 9:08:50 AM

Last enriched: 6/28/2025, 6:10:27 AM

Last updated: 8/17/2025, 2:41:55 PM
