cvelist/2024/26xxx/CVE-2024-26918.json

{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2024-26918",
        "ASSIGNER": "cve@kernel.org",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix active state requirement in PME polling\n\nThe commit noted in fixes added a bogus requirement that runtime PM managed\ndevices need to be in the RPM_ACTIVE state for PME polling.  In fact, only\ndevices in low power states should be polled.\n\nHowever there's still a requirement that the device config space must be\naccessible, which has implications for both the current state of the polled\ndevice and the parent bridge, when present.  It's not sufficient to assume\nthe bridge remains in D0 and cases have been observed where the bridge\npasses the D0 test, but the PM state indicates RPM_SUSPENDING and config\nspace of the polled device becomes inaccessible during pci_pme_wakeup().\n\nTherefore, since the bridge is already effectively required to be in the\nRPM_ACTIVE state, formalize this in the code and elevate the PM usage count\nto maintain the state while polling the subordinate device.\n\nThis resolves a regression reported in the bugzilla below where a\nThunderbolt/USB4 hierarchy fails to scan for an attached NVMe endpoint\ndownstream of a bridge in a D3hot power state."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Linux",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Linux",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "<",
                                            "version_name": "d3fcd7360338",
                                            "version_value": "63b1a3d9dd3b"
                                        },
                                        {
                                            "version_value": "not down converted",
                                            "x_cve_json_5_version_data": {
                                                "versions": [
                                                    {
                                                        "version": "6.6",
                                                        "status": "affected"
                                                    },
                                                    {
                                                        "version": "0",
                                                        "lessThan": "6.6",
                                                        "status": "unaffected",
                                                        "versionType": "custom"
                                                    },
                                                    {
                                                        "version": "6.6.18",
                                                        "lessThanOrEqual": "6.6.*",
                                                        "status": "unaffected",
                                                        "versionType": "custom"
                                                    },
                                                    {
                                                        "version": "6.7.6",
                                                        "lessThanOrEqual": "6.7.*",
                                                        "status": "unaffected",
                                                        "versionType": "custom"
                                                    },
                                                    {
                                                        "version": "6.8",
                                                        "lessThanOrEqual": "*",
                                                        "status": "unaffected",
                                                        "versionType": "original_commit_for_fix"
                                                    }
                                                ],
                                                "defaultStatus": "affected"
                                            }
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://git.kernel.org/stable/c/63b1a3d9dd3b3f6d67f524e76270e66767090583",
                "refsource": "MISC",
                "name": "https://git.kernel.org/stable/c/63b1a3d9dd3b3f6d67f524e76270e66767090583"
            },
            {
                "url": "https://git.kernel.org/stable/c/a4f12e5cbac2865c151d1e97e36eb24205afb23b",
                "refsource": "MISC",
                "name": "https://git.kernel.org/stable/c/a4f12e5cbac2865c151d1e97e36eb24205afb23b"
            },
            {
                "url": "https://git.kernel.org/stable/c/41044d5360685e78a869d40a168491a70cdb7e73",
                "refsource": "MISC",
                "name": "https://git.kernel.org/stable/c/41044d5360685e78a869d40a168491a70cdb7e73"
            }
        ]
    },
    "generator": {
        "engine": "bippy-a5840b7849dd"
    }
}
"-Synchronized-Data." 2024-02-19 15:01:23 +00:00			`{`
"-Synchronized-Data." 2024-04-17 16:00:32 +00:00			`"data_version": "4.0",`
"-Synchronized-Data." 2024-02-19 15:01:23 +00:00			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2024-26918",`
"-Synchronized-Data." 2024-04-17 16:00:32 +00:00			`"ASSIGNER": "cve@kernel.org",`
			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2024-02-19 15:01:23 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2024-04-17 16:00:32 +00:00			"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix active state requirement in PME polling\n\nThe commit noted in fixes added a bogus requirement that runtime PM managed\ndevices need to be in the RPM_ACTIVE state for PME polling. In fact, only\ndevices in low power states should be polled.\n\nHowever there's still a requirement that the device config space must be\naccessible, which has implications for both the current state of the polled\ndevice and the parent bridge, when present. It's not sufficient to assume\nthe bridge remains in D0 and cases have been observed where the bridge\npasses the D0 test, but the PM state indicates RPM_SUSPENDING and config\nspace of the polled device becomes inaccessible during pci_pme_wakeup().\n\nTherefore, since the bridge is already effectively required to be in the\nRPM_ACTIVE state, formalize this in the code and elevate the PM usage count\nto maintain the state while polling the subordinate device.\n\nThis resolves a regression reported in the bugzilla below where a\nThunderbolt/USB4 hierarchy fails to scan for an attached NVMe endpoint\ndownstream of a bridge in a D3hot power state."
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "Linux",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Linux",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_affected": "<",`
			`"version_name": "d3fcd7360338",`
			`"version_value": "63b1a3d9dd3b"`
			`},`
			`{`
			`"version_value": "not down converted",`
			`"x_cve_json_5_version_data": {`
			`"versions": [`
			`{`
			`"version": "6.6",`
			`"status": "affected"`
			`},`
			`{`
			`"version": "0",`
			`"lessThan": "6.6",`
			`"status": "unaffected",`
			`"versionType": "custom"`
			`},`
			`{`
			`"version": "6.6.18",`
			`"lessThanOrEqual": "6.6.*",`
			`"status": "unaffected",`
			`"versionType": "custom"`
			`},`
			`{`
			`"version": "6.7.6",`
			`"lessThanOrEqual": "6.7.*",`
			`"status": "unaffected",`
			`"versionType": "custom"`
			`},`
			`{`
			`"version": "6.8",`
			`"lessThanOrEqual": "*",`
			`"status": "unaffected",`
			`"versionType": "original_commit_for_fix"`
			`}`
			`],`
			`"defaultStatus": "affected"`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://git.kernel.org/stable/c/63b1a3d9dd3b3f6d67f524e76270e66767090583",`
			`"refsource": "MISC",`
			`"name": "https://git.kernel.org/stable/c/63b1a3d9dd3b3f6d67f524e76270e66767090583"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/a4f12e5cbac2865c151d1e97e36eb24205afb23b",`
			`"refsource": "MISC",`
			`"name": "https://git.kernel.org/stable/c/a4f12e5cbac2865c151d1e97e36eb24205afb23b"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/41044d5360685e78a869d40a168491a70cdb7e73",`
			`"refsource": "MISC",`
			`"name": "https://git.kernel.org/stable/c/41044d5360685e78a869d40a168491a70cdb7e73"`
"-Synchronized-Data." 2024-02-19 15:01:23 +00:00			`}`
			`]`
"-Synchronized-Data." 2024-04-17 16:00:32 +00:00			`},`
			`"generator": {`
"-Synchronized-Data." 2024-05-29 06:03:45 +00:00			`"engine": "bippy-a5840b7849dd"`
"-Synchronized-Data." 2024-02-19 15:01:23 +00:00			`}`
			`}`