CVE-2024-26899

Summary

In the Linux kernel, the following vulnerability has been resolved:

block: fix deadlock between bd_link_disk_holder and partition scan

'open_mutex' of gendisk is used to protect open/close block devices. But in bd_link_disk_holder(), it is used to protect the creation of symlink between holding disk and slave bdev, which introduces some issues.

When bd_link_disk_holder() is called, the driver is usually in the process of initialization/modification and may suspend submitting io. At this time, any io hold 'open_mutex', such as scanning partitions, can cause deadlocks. For example, in raid:

T1 T2 bdev_open_by_dev lock open_mutex [1] … efi_partition … md_submit_bio md_ioctl mddev_syspend -> suspend all io md_add_new_disk bind_rdev_to_array bd_link_disk_holder try lock open_mutex [2] md_handle_request -> wait mddev_resume

T1 scan partition, T2 add a new device to raid. T1 waits for T2 to resume mddev, but T2 waits for open_mutex held by T1. Deadlock occurs.

Fix it by introducing a local mutex 'blk_holder_mutex' to replace 'open_mutex'.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1b0a2d950ee2a54aa04fb31ead32144be0bbf690 < 1e5c5b0abaee7b62a10b9707a62083b71ad21f62affected
LinuxLinux1b0a2d950ee2a54aa04fb31ead32144be0bbf690 < 5a87c1f7993bc8ac358a3766bac5dc7126e01e98affected
LinuxLinux1b0a2d950ee2a54aa04fb31ead32144be0bbf690 < 03f12122b20b6e6028e9ed69030a49f9cffcbb75affected
LinuxLinux6.7affected
LinuxLinux0 < 6.7unaffected
LinuxLinux6.7.11 <= 6.7.*unaffected
LinuxLinux6.8.2 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References