THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-27009

s390/cio: fix race condition during online processing

Reserved:2024-02-19
Published:2024-05-01
Updated:2024-05-13

Description

In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix race condition during online processing A race condition exists in ccw_device_set_online() that can cause the online process to fail, leaving the affected device in an inconsistent state. As a result, subsequent attempts to set that device online fail with return code ENODEV. The problem occurs when a path verification request arrives after a wait for final device state completed, but before the result state is evaluated. Fix this by ensuring that the CCW-device lock is held between determining final state and checking result state. Note that since: commit 2297791c92d0 ("s390/cio: dont unregister subchannel from child-drivers") path verification requests are much more likely to occur during boot, resulting in an increased chance of this race condition occurring.

Product status

Default status
unaffected

2297791c92d0 before 3076b3c38a70
affected

2297791c92d0 before 559f3a633339
affected

2297791c92d0 before 2df56f4ea769
affected

2297791c92d0 before a4234decd0fe
affected

2297791c92d0 before 2d8527f2f911
affected

Default status
affected

5.15
affected

Any version before 5.15
unaffected

5.15.157
unaffected

6.1.88
unaffected

6.6.29
unaffected

6.8.8
unaffected

6.9
unaffected

References

https://git.kernel.org/stable/c/3076b3c38a704e10df5e143c213653309d532538

https://git.kernel.org/stable/c/559f3a6333397ab6cd4a696edd65a70b6be62c6e

https://git.kernel.org/stable/c/2df56f4ea769ff81e51bbb05699989603bde9c49

https://git.kernel.org/stable/c/a4234decd0fe429832ca81c4637be7248b88b49e

https://git.kernel.org/stable/c/2d8527f2f911fab84aec04df4788c0c23af3df48

cve.org CVE-2024-27009

nvd.nist.gov CVE-2024-27009

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-27009