CVE-2024-43876

{"id": "CVE-2024-43876", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-08-21T01:15:11.973", "references": [{"url": "https://git.kernel.org/stable/c/2ae4769332dfdb97f4b6f5dc9ac8f46d02aaa3df", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/3ff3bdde950f1840df4030726cef156758a244d7", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/526a877c6273d4cd0d0aede84c1d620479764b1c", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c93637e6a4c4e1d0e85ef7efac78d066bbb24d96", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup()\n\nAvoid large backtrace, it is sufficient to warn the user that there has\nbeen a link problem. Either the link has failed and the system is in need\nof maintenance, or the link continues to work and user has been informed.\nThe message from the warning can be looked up in the sources.\n\nThis makes an actual link issue less verbose.\n\nFirst of all, this controller has a limitation in that the controller\ndriver has to assist the hardware with transition to L1 link state by\nwriting L1IATN to PMCTRL register, the L1 and L0 link state switching\nis not fully automatic on this controller.\n\nIn case of an ASMedia ASM1062 PCIe SATA controller which does not support\nASPM, on entry to suspend or during platform pm_test, the SATA controller\nenters D3hot state and the link enters L1 state. If the SATA controller\nwakes up before rcar_pcie_wakeup() was called and returns to D0, the link\nreturns to L0 before the controller driver even started its transition to\nL1 link state. At this point, the SATA controller did send an PM_ENTER_L1\nDLLP to the PCIe controller and the PCIe controller received it, and the\nPCIe controller did set PMSR PMEL1RX bit.\n\nOnce rcar_pcie_wakeup() is called, if the link is already back in L0 state\nand PMEL1RX bit is set, the controller driver has no way to determine if\nit should perform the link transition to L1 state, or treat the link as if\nit is in L0 state. Currently the driver attempts to perform the transition\nto L1 link state unconditionally, which in this specific case fails with a\nPMSR L1FAEG poll timeout, however the link still works as it is already\nback in L0 state.\n\nReduce this warning verbosity. In case the link is really broken, the\nrcar_pcie_config_access() would fail, otherwise it will succeed and any\nsystem with this controller and ASM1062 can suspend without generating\na backtrace."}, {"lang": "es", "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: PCI: rcar: Degradar WARN() a dev_warn_ratelimited() en rcar_pcie_wakeup() Evitar un gran backtrace, basta con avisar al usuario que ha habido un problema de enlace. O el enlace fall\u00f3 y el sistema necesita mantenimiento, o el enlace contin\u00faa funcionando y el usuario ha sido informado. El mensaje de la advertencia se puede buscar en las fuentes. Esto hace que un problema de enlace real sea menos detallado. En primer lugar, este controlador tiene una limitaci\u00f3n en el sentido de que el controlador del controlador tiene que ayudar al hardware con la transici\u00f3n al estado de enlace L1 escribiendo L1IATN en el registro PMCTRL; el cambio de estado de enlace L1 y L0 no es completamente autom\u00e1tico en este controlador. En el caso de un controlador ASMedia ASM1062 PCIe SATA que no admite ASPM, al entrar a suspender o durante la plataforma pm_test, el controlador SATA ingresa al estado D3hot y el enlace ingresa al estado L1. Si el controlador SATA se activa antes de que se llamara a rcar_pcie_wakeup() y regresa a D0, el enlace regresa a L0 antes de que el controlador del controlador comenzara su transici\u00f3n al estado de enlace L1. En este punto, el controlador SATA envi\u00f3 un DLLP PM_ENTER_L1 al controlador PCIe y el controlador PCIe lo recibi\u00f3, y el controlador PCIe configur\u00f3 el bit PMSR PMEL1RX. Una vez que se llama a rcar_pcie_wakeup(), si el enlace ya est\u00e1 nuevamente en el estado L0 y el bit PMEL1RX est\u00e1 configurado, el controlador del controlador no tiene forma de determinar si debe realizar la transici\u00f3n del enlace al estado L1 o tratar el enlace como si estuviera en estado L0. Estado L0. Actualmente, el controlador intenta realizar la transici\u00f3n al estado del enlace L1 incondicionalmente, lo que en este caso espec\u00edfico falla con un tiempo de espera de sondeo PMSR L1FAEG; sin embargo, el enlace a\u00fan funciona porque ya est\u00e1 nuevamente en el estado L0. Reduzca la verbosidad de esta advertencia. En caso de que el enlace est\u00e9 realmente roto, rcar_pcie_config_access() fallar\u00e1; de lo contrario, tendr\u00e1 \u00e9xito y cualquier sistema con este controlador y ASM1062 puede suspenderse sin generar un seguimiento."}], "lastModified": "2025-10-10T13:47:20.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADED9C16-75E2-47CC-A756-30929EBBF848", "versionEndExcluding": "6.1.103", "versionStartIncluding": "5.18"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC912330-6B41-4C6B-99AF-F3857FBACB6A", "versionEndExcluding": "6.6.44", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92D388F2-1EAF-4CFA-AC06-5B26D762EA7D", "versionEndExcluding": "6.10.3", "versionStartIncluding": "6.7"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}