We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)
Bugpilot (Bug tracking)

Ok

THREATINT CVE Home CVE Diag Help
PUBLISHED

CVE-2024-26775

aoe: avoid potential deadlock at set_capacity

Reserved:2024-02-19
Published:2024-04-03
Updated:2024-04-03

Description

In the Linux kernel, the following vulnerability has been resolved: aoe: avoid potential deadlock at set_capacity Move set_capacity() outside of the section procected by (&d->lock). To avoid possible interrupt unsafe locking scenario: CPU0 CPU1 ---- ---- [1] lock(&bdev->bd_size_lock); local_irq_disable(); [2] lock(&d->lock); [3] lock(&bdev->bd_size_lock); <Interrupt> [4] lock(&d->lock); *** DEADLOCK *** Where [1](&bdev->bd_size_lock) hold by zram_add()->set_capacity(). [2]lock(&d->lock) hold by aoeblk_gdalloc(). And aoeblk_gdalloc() is trying to acquire [3](&bdev->bd_size_lock) at set_capacity() call. In this situation an attempt to acquire [4]lock(&d->lock) from aoecmd_cfg_rsp() will lead to deadlock. So the simplest solution is breaking lock dependency [2](&d->lock) -> [3](&bdev->bd_size_lock) by moving set_capacity() outside.

Product status

Default status
unaffected

1da177e4c3f4 before 2d623c94fbba
affected

1da177e4c3f4 before 673629018ba0
affected

1da177e4c3f4 before 19a77b271638
affected

1da177e4c3f4 before e169bd4fb2b3
affected

Default status
affected

6.1.80
unaffected

6.6.19
unaffected

6.7.7
unaffected

6.8
unaffected

References

https://git.kernel.org/stable/c/2d623c94fbba3554f4446ba6f3c764994e8b0d26

https://git.kernel.org/stable/c/673629018ba04906899dcb631beec34d871f709c

https://git.kernel.org/stable/c/19a77b27163820f793b4d022979ffdca8f659b77

https://git.kernel.org/stable/c/e169bd4fb2b36c4b2bee63c35c740c85daeb2e86

cve.org CVE-2024-26775

nvd.nist.gov CVE-2024-26775

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-26775