{"id":"AZL-67764","summary":"CVE-2024-35995 affecting package kernel 5.15.200.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: CPPC: Use access_width over bit_width for system memory accesses\n\nTo align with ACPI 6.3+, since bit_width can be any 8-bit value, it\ncannot be depended on to be always on a clean 8b boundary. This was\nuncovered on the Cobalt 100 platform.\n\nSError Interrupt on CPU26, code 0xbe000011 -- SError\n CPU: 26 PID: 1510 Comm: systemd-udevd Not tainted 5.15.2.1-13 #1\n Hardware name: MICROSOFT CORPORATION, BIOS MICROSOFT CORPORATION\n pstate: 62400009 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)\n pc : cppc_get_perf_caps+0xec/0x410\n lr : cppc_get_perf_caps+0xe8/0x410\n sp : ffff8000155ab730\n x29: ffff8000155ab730 x28: ffff0080139d0038 x27: ffff0080139d0078\n x26: 0000000000000000 x25: ffff0080139d0058 x24: 00000000ffffffff\n x23: ffff0080139d0298 x22: ffff0080139d0278 x21: 0000000000000000\n x20: ffff00802b251910 x19: ffff0080139d0000 x18: ffffffffffffffff\n x17: 0000000000000000 x16: ffffdc7e111bad04 x15: ffff00802b251008\n x14: ffffffffffffffff x13: ffff013f1fd63300 x12: 0000000000000006\n x11: ffffdc7e128f4420 x10: 0000000000000000 x9 : ffffdc7e111badec\n x8 : ffff00802b251980 x7 : 0000000000000000 x6 : ffff0080139d0028\n x5 : 0000000000000000 x4 : ffff0080139d0018 x3 : 00000000ffffffff\n x2 : 0000000000000008 x1 : ffff8000155ab7a0 x0 : 0000000000000000\n Kernel panic - not syncing: Asynchronous SError Interrupt\n CPU: 26 PID: 1510 Comm: systemd-udevd Not tainted\n5.15.2.1-13 #1\n Hardware name: MICROSOFT CORPORATION, BIOS MICROSOFT CORPORATION\n Call trace:\n  dump_backtrace+0x0/0x1e0\n  show_stack+0x24/0x30\n  dump_stack_lvl+0x8c/0xb8\n  dump_stack+0x18/0x34\n  panic+0x16c/0x384\n  add_taint+0x0/0xc0\n  arm64_serror_panic+0x7c/0x90\n  arm64_is_fatal_ras_serror+0x34/0xa4\n  do_serror+0x50/0x6c\n  el1h_64_error_handler+0x40/0x74\n  el1h_64_error+0x7c/0x80\n  cppc_get_perf_caps+0xec/0x410\n  cppc_cpufreq_cpu_init+0x74/0x400 [cppc_cpufreq]\n  cpufreq_online+0x2dc/0xa30\n  cpufreq_add_dev+0xc0/0xd4\n  subsys_interface_register+0x134/0x14c\n  cpufreq_register_driver+0x1b0/0x354\n  cppc_cpufreq_init+0x1a8/0x1000 [cppc_cpufreq]\n  do_one_initcall+0x50/0x250\n  do_init_module+0x60/0x27c\n  load_module+0x2300/0x2570\n  __do_sys_finit_module+0xa8/0x114\n  __arm64_sys_finit_module+0x2c/0x3c\n  invoke_syscall+0x78/0x100\n  el0_svc_common.constprop.0+0x180/0x1a0\n  do_el0_svc+0x84/0xa0\n  el0_svc+0x2c/0xc0\n  el0t_64_sync_handler+0xa4/0x12c\n  el0t_64_sync+0x1a4/0x1a8\n\nInstead, use access_width to determine the size and use the offset and\nwidth to shift and mask the bits to read/write out. Make sure to add a\ncheck for system memory since pcc redefines the access_width to\nsubspace id.\n\nIf access_width is not set, then fall back to using bit_width.\n\n[ rjw: Subject and changelog edits, comment adjustments ]","modified":"2026-04-01T05:21:50.226580Z","published":"2024-05-20T10:15:13Z","upstream":["CVE-2024-35995"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35995"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"5.15.200.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-67764.json"}}],"schema_version":"1.7.5"}