{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T15:29:22.897","vulnerabilities":[{"cve":{"id":"CVE-2024-49927","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-10-21T18:15:14.737","lastModified":"2025-11-03T23:16:31.320","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nx86/ioapic: Handle allocation failures gracefully\n\nBreno observed panics when using failslab under certain conditions during\nruntime:\n\n   can not alloc irq_pin_list (-1,0,20)\n   Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can not proceed\n\n   panic+0x4e9/0x590\n   mp_irqdomain_alloc+0x9ab/0xa80\n   irq_domain_alloc_irqs_locked+0x25d/0x8d0\n   __irq_domain_alloc_irqs+0x80/0x110\n   mp_map_pin_to_irq+0x645/0x890\n   acpi_register_gsi_ioapic+0xe6/0x150\n   hpet_open+0x313/0x480\n\nThat's a pointless panic which is a leftover of the historic IO/APIC code\nwhich panic'ed during early boot when the interrupt allocation failed.\n\nThe only place which might justify panic is the PIT/HPET timer_check() code\nwhich tries to figure out whether the timer interrupt is delivered through\nthe IO/APIC. But that code does not require to handle interrupt allocation\nfailures. If the interrupt cannot be allocated then timer delivery fails\nand it either panics due to that or falls back to legacy mode.\n\nCure this by removing the panic wrapper around __add_pin_to_irq_node() and\nmaking mp_irqdomain_alloc() aware of the failure condition and handle it as\nany other failure in this function gracefully."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/ioapic: Manejar errores de asignación con elegancia Breno observó pánicos al usar failslab bajo ciertas condiciones durante el tiempo de ejecución: no se puede asignar irq_pin_list (-1,0,20) Pánico del kernel: no se sincroniza: IO-APIC: no se pudo agregar irq-pin. No se puede continuar panic+0x4e9/0x590 mp_irqdomain_alloc+0x9ab/0xa80 irq_domain_alloc_irqs_locked+0x25d/0x8d0 __irq_domain_alloc_irqs+0x80/0x110 mp_map_pin_to_irq+0x645/0x890 acpi_register_gsi_ioapic+0xe6/0x150 hpet_open+0x313/0x480 Ese es un pánico sin sentido que es un remanente del código IO/APIC histórico que entró en pánico durante el arranque temprano cuando falló la asignación de interrupción. El único lugar que podría justificar el pánico es el código timer_check() de PIT/HPET que intenta averiguar si la interrupción del temporizador se entrega a través de IO/APIC. Pero ese código no requiere manejar fallos de asignación de interrupciones. Si no se puede asignar la interrupción, la entrega del temporizador fallo y entra en pánico debido a eso o vuelve al modo heredado. Solucione esto eliminando el contenedor de pánico alrededor de __add_pin_to_irq_node() y haciendo que mp_irqdomain_alloc() sea consciente de la condición de fallo y la maneje como cualquier otra fallo en esta función de manera elegante."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.15.168","matchCriteriaId":"F032D82B-5582-4DF5-B921-BFE0BD301364"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.113","matchCriteriaId":"D01BD22E-ACD1-4618-9D01-6116570BE1EE"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.55","matchCriteriaId":"E90B9576-56C4-47BC-AAB0-C5B2D438F5D0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.10.14","matchCriteriaId":"4C16BCE0-FFA0-4599-BE0A-1FD65101C021"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.11","versionEndExcluding":"6.11.3","matchCriteriaId":"54D9C704-D679-41A7-9C40-10A6B1E7FFE9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/077e1b7cd521163ded545987bbbd389519aeed71","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/649a5c2ffae797ce792023a70e84c7fe4b6fb8e0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/830802a0fea8fb39d3dc9fb7d6b5581e1343eb1f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e479cb835feeb2abff97f25766e23b96a6eabe28","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ec862cd843faa6f0e84a7a07362f2786446bf697","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f17efbeb2922327ea01a9efa8829fea9a30e547d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}