CVE-2024-27023

Summary

In the Linux kernel, the following vulnerability has been resolved:

md: Fix missing release of 'active_io' for flush

submit_flushes atomic_set(&mddev->flush_pending, 1); rdev_for_each_rcu(rdev, mddev) atomic_inc(&mddev->flush_pending); bi->bi_end_io = md_end_flush submit_bio(bi); /* flush io is done first */ md_end_flush if (atomic_dec_and_test(&mddev->flush_pending)) percpu_ref_put(&mddev->active_io) -> active_io is not released

if (atomic_dec_and_test(&mddev->flush_pending)) -> missing release of active_io

For consequence, mddev_suspend() will wait for 'active_io' to be zero forever.

Fix this problem by releasing 'active_io' in submit_flushes() if 'flush_pending' is decreased to zero.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf9f2d957a8ea93c73182aebf7de30935a58c027d < 6b2ff10390b19a2364af622b6666b690443f9f3faffected
LinuxLinux530cec617f5a8ba6f26bcbf0d64d75c951d17730 < 02dad157ba11064d073f5499dc33552b227d5d3aaffected
LinuxLinuxc4c2345214b66e2505a26fd2ea58839dd7a1d48d < 11f81438927f84edfaaeb5d5f10856c3a1c1fc82affected
LinuxLinuxfa2bbff7b0b4e211fec5e5686ef96350690597b5 < 855678ed8534518e2b428bcbcec695de9ba248e8affected
LinuxLinux6.1.75 < 6.1.80affected
LinuxLinux6.6.14 < 6.6.19affected
LinuxLinux6.7.2 < 6.7.7affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References