LiveActive security incident?Get immediate response
CVE Record

CVE-2024-43851: soc: xilinx: rename cpu_number1 to dummy_cpu_number

In the Linux kernel, the following vulnerability has been resolved: soc: xilinx: rename cpu_number1 to dummy_cpu_number The per cpu variable cpu_number1 is passed to xlnx_event_handler as argument "dev_id", but it is not used in this function. So drop the initialization of this variable and rename it to dummy_cpu_number. This patch is to fix the following call trace when the kernel option CONFIG_DEBUG_ATOMIC_SLEEP is enabled: BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1, name: swapper/0 preempt_count: 1, expected: 0 CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.1.0 #53 Hardware name: Xilinx Versal vmk180 Eval board rev1.1 (QSPI) (DT) Call trace: dump_backtrace+0xd0/0xe0 show_stack+0x18/0x40 dump_stack_lvl+0x7c/0xa0 dump_stack+0x18/0x34 __might_resched+0x10c/0x140 __might_sleep+0x4c/0xa0 __kmem_cache_alloc_node+0xf4/0x168 kmalloc_trace+0x28/0x38 __request_percpu_irq+0x74/0x138 xlnx_event_manager_probe+0xf8/0x298 platform_probe+0x68/0xd8

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysisunknown

Security readout for executives and security teams

Plain-English summary

This CVE describes a Linux kernel bug in Xilinx SoC event manager code. The public record shows a kernel warning/crash trace during boot/probe when a debug option is enabled, not a confirmed remote attack path. Business urgency is highest for organizations running Linux on Xilinx Versal or related embedded platforms.

Executive priority

Treat this as a targeted platform reliability and kernel-maintenance issue, not as proven internet-wide exploitation. Prioritize embedded Linux assets on Xilinx hardware and rely on vendor kernel updates for closure.

Technical view

The issue is in Linux kernel soc:xilinx handling. A per-CPU variable was passed as dev_id to xlnx_event_handler but was unused. The fix removes initialization and renames it dummy_cpu_number, addressing a CONFIG_DEBUG_ATOMIC_SLEEP trace involving __request_percpu_irq during xlnx_event_manager_probe.

Likely exposure

Exposure appears concentrated in Linux systems using the Xilinx SoC event manager path, especially Versal embedded hardware. The bundle lists Linux kernel versions and stable commits, but does not provide complete distro-specific affected ranges beyond a Debian LTS advisory reference.

Exploitation context

No source in the bundle claims active exploitation, and KEV is false. The evidence describes a kernel call trace under CONFIG_DEBUG_ATOMIC_SLEEP, not a public exploit. Practical impact outside affected Xilinx platform configurations is unclear from the provided sources.

Researcher notes

The source bundle lacks CVSS, CWE, exploit evidence, and detailed affected range semantics. The clearest technical signal is the upstream stable fix and the debug call trace. Validation should focus on kernel lineage, enabled Xilinx SoC code, hardware use, and distro backports.

Mitigation direction

  • Check vendor kernel advisories for the exact platform and distribution.
  • Apply the relevant Linux stable kernel update or backported vendor fix.
  • Prioritize Xilinx Versal or related embedded Linux deployments.
  • Track Debian LTS guidance if using Debian-packaged kernels.
  • Avoid assuming generic server exposure without confirming the affected driver path.

Validation and detection

  • Inventory Linux kernel versions on Xilinx-based systems.
  • Check whether the Xilinx event manager driver is present and used.
  • Compare deployed kernels against vendor fixed versions or stable commits.
  • Review boot logs for xlnx_event_manager_probe or atomic sleep warnings.
  • Confirm distribution backport status before marking systems vulnerable.
Prepared
Confidence
medium
Sources
7

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2024-43851 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
2ADP providers
6Source links

SSVC decision data

CISA-ADPCISA Coordinator
Timestamp
Version
2.0.3
Exploitation: noneAutomatable: noTechnical Impact: partial

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

ADP provider summaries

CISA-ADPCISA ADP Vulnrichment
other:ssvc
CVECVE Program Container
Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinux01946c3c83b2279fec685abc83f0d7b0468851db, 4722924e7a6225ebf7b09bd7ac5fafc6e73bd4f8, daed80ed07580e5adc0e6d8bc79933a35154135a, daed80ed07580e5adc0e6d8bc79933a35154135a, 548bdbbdcd355f5a844c7122c83c9aab115051fa, 6.1.77, 6.6.16, 6.7.4unaffected
LinuxLinux6.8, 0, 6.1.103, 6.6.44, 6.10.3, 6.11affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.