偵測

Linux Distros 未修補的弱點:CVE-2026-45904

medium Nessus Plugin ID 317133

語言:

概要

Linux/Unix 主機上安裝的一個或多個套件存有弱點,廠商表示將不會修補。

說明

Linux/Unix 主機上安裝了一個或多個受到弱點影響的套件,且供應商未提供可用的修補程式。

 - powerpc/eeh:修正 EEH 事件處理中的遞迴pci_lock_rescan_remove鎖定 最近的提交 1010b4c012b0 (powerpc/eeh:使 EEH 驅動程式裝置熱插拔安全) 重組了 EEH 驅動程式,以改善與 PCI 熱插拔層的同步。然而,它無意中將 pci_lock_rescan_remove() 移出了 eeh_handle_normal_event() 中的預期範圍,導致 PCI 錯誤報告中斷和不當觸發 EEH 事件。具體來說,eeh_handle_normal_event() 在調用 eeh_pe_bus_get() 之前獲取了 pci_lock_rescan_remove(),但 eeh_pe_bus_get() 本身嘗試在內部獲取相同的鎖,從而導致巢狀鎖定並中斷正常的 EEH 事件處理路徑。此修補程式將布林參數do_lock新增至 _eeh_pe_bus_get(),並具有兩個公開包裝函式:啟用鎖定的 eeh_pe_bus_get()。
 跳過鎖定的 eeh_pe_bus_get_nolock()。已持有 pci_lock_rescan_remove() 的呼叫端現在使用 eeh_pe_bus_get_nolock() 來避免遞迴鎖定取得。此外,pci_lock_rescan_remove() 呼叫會在 eeh_pe_bus_get() 之後和反覆運算受影響的 PE 和裝置之前還原到正確的位置。這可確保在適當的匯流排重新掃描鎖定下發生 EEH 觸發的 PCI 移除,而不會發生遞迴鎖定爭用。eeh_pe_loc_get() 函數已拆分為兩個函數:
 eeh_pe_loc_get(struct eeh_pe *pe),擷取指定 PE 的 loc。eeh_pe_loc_get_bus(struct pci_bus
 *bus),以擷取指定匯流排的位置代碼。這解決了 lockdep 警告,例如: <snip> [] [ T928] ============================================ [ 84.964304] [ T928] 警告:偵測到可能的遞迴鎖定 [ 84.964311] [ T928] 6.18.0-rc3 #51 未受污染 [ 84.964315] [ T92884.964298]
 -------------------------------------------- [ 84.964320] T928[ ] eehd/928 正在嘗試取得鎖定: [84.964324] [ T928] c000000003b29d58 (pci_rescan_remove_lock){+.+.}-{3:3},位於:
 pci_lock_rescan_remove+0x28/0x40 [ 84.964342] T928[ ] 但任務已處於鎖定狀態: [ 84.964347] [T928] c000000003b29d58 (pci_rescan_remove_lock){+.+.}-{3:3}, at: pci_lock_rescan_remove+0x28/0x40 [84.964357] T928[ ] 其他可能有助於我們偵錯的資訊: [ 84.964363] [ T928] [ ] 可能的不安全鎖定場景: [ 84.964367] [ T928] CPU0 [ 84.964370] [ T928] ---- [ 84.964373] [ T928] lock(pci_rescan_remove_lock);[ 84.964378] [ T928] lock(pci_rescan_remove_lock);[ 84.964383] [ T928] *** 鎖死 *** [ 84.964388] [ T928] 可能是因為缺少鎖定巢狀表示法 [ 84.964393] [ ] 1 T928個由 EEHD/928 持有的鎖定: [ 84.964397] [ T928] #0: c000000003b29d58 (pci_rescan_remove_lock){+.+.}-{3:3},位於:
 pci_lock_rescan_remove+0x28/0x40 [ 84.964408] T928[ ] 堆疊回溯:[ 84.964414] [ T928] CPU:2 UID:0 PID:928 通訊:eehd 未受污染 6.18.0-rc3 #51 自願性 [ 84.964417] [ T928] 硬體名稱:IBM,9080-HEX POWER10 (架構) 0x800200 0xf000006:IBM,FW1060.00 (NH1060_022) hv:phyp pSeries [ 84.964419] [] 呼叫T928追蹤:[ 84.964420] [ T928] [c0000011a7157990] [c000000001705de4] dump_stack_lvl+0xc8/0x130 (不可靠) [ 84.964424] [ T928] [c0000011a71579d0] [c0000000002f66e0] print_deadlock_bug+0x430/0x440 [84.964428] [ T928] [c0000011a7157a70] [c0000000002fd0c0] __lock_acquire+0x1530/0x2d80 [ 84.964431] [ T928] [c0000011a7157ba0] [c0000000002fea54] lock_acquire+0x144/0x410 [ 84.964433] [ T928] [c0000011a7157cb0] [c0000011a7157cb0] __mutex_lock+0xf4/0x1050 [ 84.964436] [ T928] [c0000011a7157e00] [c000000000de21d8] pci_lock_rescan_remove+0x28/0x40 [ 84.964439] [ T928] [c0000011a7157e20] [c00000000004ed98] eeh_pe_bus_get+0x48/0xc0 [ 84.964442] [ T928] [c0000011a7157e50] [c00000 ---truncated--- (CVE-2026-45904)

請注意,Nessus 的判定取決於廠商所報告的套件是否存在。

解決方案

目前尚未有已知的解決方案。

另請參閱

https://access.redhat.com/security/cve/cve-2026-45904

Plugin 詳細資訊

嚴重性: Medium

ID: 317133

檔案名稱: unpatched_CVE_2026_45904.nasl

版本: 1.3

類型: Local

代理程式: unix

系列: Misc.

已發布: 2026/5/27

已更新: 2026/5/30

支援的感應器: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

風險資訊

VPR

風險因素: Medium

分數: 4.4

CVSS v2

風險因素: Medium

基本分數: 4.6

時間性分數: 3.9

媒介: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS 評分資料來源: CVE-2026-45904

CVSS v3

風險因素: Medium

基本分數: 5.5

時間性分數: 5.1

媒介: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

時間媒介: CVSS:3.0/E:U/RL:U/RC:C

弱點資訊

CPE: cpe:/o:redhat:enterprise_linux:10, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-debug-modules, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-extra, p-cpe:/a:redhat:enterprise_linux:libperf-devel, p-cpe:/a:redhat:enterprise_linux:kernel-modules, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-rt-selftests-internal, p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-modules-partner, p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel-matched, p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-internal, p-cpe:/a:redhat:enterprise_linux:kernel-64k-core, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-debug-devel-matched, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-modules-internal, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel-matched, p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel, p-cpe:/a:redhat:enterprise_linux:kernel-core, p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers, p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-debug-modules-partner, p-cpe:/a:redhat:enterprise_linux:perf, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-abi-stablelists, p-cpe:/a:redhat:enterprise_linux:bpftool, p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm, p-cpe:/a:redhat:enterprise_linux:kernel-tools, p-cpe:/a:redhat:enterprise_linux:kernel-64k-modules-internal, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-internal, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel-matched, p-cpe:/a:redhat:enterprise_linux:kernel-devel, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-core, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-devel-matched, p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-debug-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-kvm, p-cpe:/a:redhat:enterprise_linux:kernel-uki-virt-addons, p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-partner, p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-64k-devel-matched, p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-partner, p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules, p-cpe:/a:redhat:enterprise_linux:kernel-debug-core, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-internal, p-cpe:/a:redhat:enterprise_linux:kernel-debug-uki-virt-addons, p-cpe:/a:redhat:enterprise_linux:kernel-64k, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-debug, p-cpe:/a:redhat:enterprise_linux:kernel-64k-modules-core, p-cpe:/a:redhat:enterprise_linux:rv, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-debug-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-uki-virt, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core, p-cpe:/a:redhat:enterprise_linux:kernel-headers, p-cpe:/a:redhat:enterprise_linux:libperf, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules, p-cpe:/a:redhat:enterprise_linux:python3-perf, p-cpe:/a:redhat:enterprise_linux:kernel-selftests-internal, p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel-matched, p-cpe:/a:redhat:enterprise_linux:rtla, p-cpe:/a:redhat:enterprise_linux:kernel-devel-matched, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-debug-modules-internal, p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-internal, p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-ipaclones-internal, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-partner, p-cpe:/a:redhat:enterprise_linux:kernel-rt, p-cpe:/a:redhat:enterprise_linux:kernel-64k-modules, p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra-matched, p-cpe:/a:redhat:enterprise_linux:kernel-debug-uki-virt, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-debug-core, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-modules-partner, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k, p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-modules, p-cpe:/a:redhat:enterprise_linux:kernel-modules-internal, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules, p-cpe:/a:redhat:enterprise_linux:kernel-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-debug, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-partner, p-cpe:/a:redhat:enterprise_linux:kernel-64k-modules-partner, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-modules-partner, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-core, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-debug-kvm, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-devel-matched, p-cpe:/a:redhat:enterprise_linux:kernel-rt-core, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-core, p-cpe:/a:redhat:enterprise_linux:kernel-doc, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-devel, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-modules-internal, p-cpe:/a:redhat:enterprise_linux:kernel-64k-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-rt-64k-modules, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules, cpe:/o:redhat:enterprise_linux:9, p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug, p-cpe:/a:redhat:enterprise_linux:kernel, p-cpe:/a:redhat:enterprise_linux:kernel-64k-devel

必要的 KB 項目: Host/local_checks_enabled, Host/cpu, global_settings/vendor_unpatched, Host/OS/identifier

可輕鬆利用: No known exploits are available

弱點發布日期: 2026/5/27

參考資訊

CVE: CVE-2026-45904