CVE-2024-50081

Summary

In the Linux kernel, the following vulnerability has been resolved:

blk-mq: setup queue ->tag_set before initializing hctx

Commit 7b815817aa58 ("blk-mq: add helper for checking if one CPU is mapped to specified hctx") needs to check queue mapping via tag set in hctx's cpuhp handler.

However, q->tag_set may not be setup yet when the cpuhp handler is enabled, then kernel oops is triggered.

Fix the issue by setup queue tag_set before initializing hctx.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxff2d6ef107b1b1ec6b469073b4dda0dc744e343c < 73d964ce4bc8b4de88a7c2e40df494f0d5cd8950affected
LinuxLinuxdbd0829d2458d7292b82bfc9d02cce23935b198f < 25466e5b4bb11a8415ce8d0be89ab77135f7e444affected
LinuxLinux7b815817aa58d2e2101feb2fcf64c60cae0b2695 < d28b256db525d9432bc3eb2c8d83f7d3f5e1cc87affected
LinuxLinux7b815817aa58d2e2101feb2fcf64c60cae0b2695 < c25c0c9035bb8b28c844dfddeda7b8bdbcfcae95affected
LinuxLinux6.10affected
LinuxLinux0 < 6.10unaffected
LinuxLinux6.11.5 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References