Vulnerability Lookup

🛡️ CVE-2024-50196

🟡 CVSS 5.5 — Medium ✅ No Known Exploit CWE-754 NVD

5.5

CVSS Score

0 Low4 Medium7 High9 Critical10

Description

In the Linux kernel, the following vulnerability has been resolved: pinctrl: ocelot: fix system hang on level based interrupts The current implementation only calls chained_irq_enter() and chained_irq_exit() if it detects pending interrupts. ``` for (i = 0; i stride; i++) { uregmap_read(info->map, id_reg + 4 * i, &reg); if (!reg) continue; chained_irq_enter(parent_chip, desc); ``` However, in case of GPIO pin configured in level mode and the parent controller configured in edge mode, GPIO interrupt might be lowered by the hardware. In the result, if the interrupt is short enough, the parent interrupt is still pending while the GPIO interrupt is cleared; chained_irq_enter() never gets called and the system hangs trying to service the parent interrupt. Moving chained_irq_enter() and chained_irq_exit() outside the for loop ensures that they are called even when GPIO interrupt is lowered by the hardware. The similar code with chained_irq_enter() / chained_irq_exit() functions wrapping interrupt checking loop may be found in many other drivers: ``` grep -r -A 10 chained_irq_enter drivers/pinctrl ```

Details

Severity MEDIUM

CVSS Score 5.5

CVSS Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE CWE-754

Public Exploit ✅ No

Source NVD

Published 2024-11-08

Updated 2026-06-02

Modified 2025-11-03

Fix URL https://git.kernel.org/stable/c/20728e86289ab463b99b7ab4425515bd26aba417

Affected Packages

Software	From version	Fixed in
linux-kernel	—	—

References

Patch https://git.kernel.org/stable/c/20728e86289ab463b99b7ab4425515bd26aba417

Patch https://git.kernel.org/stable/c/4a81800ef05bea5a9896f199677f7b7f5020776a

Patch https://git.kernel.org/stable/c/655f5d4662b958122b260be05aa6dfdf8768efe6

Patch https://git.kernel.org/stable/c/93b8ddc54507a227087c60a0013ed833b6ae7d3c

Patch https://git.kernel.org/stable/c/dcbe9954634807ec54e22bde278b5b269f921381

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

🔗 NVD 🔗 Mitre ✅ Fix / Advisory

Similar Threats

Patch Gap Protection

Running software with known vulnerabilities?

BotEraser can help reduce exposure by blocking IPs associated with exploit activity — even before a patch is available.

Start Free →

No credit card required · Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.

Running software with known vulnerabilities?

Company

Resources

Services

Trusted

Subscribe