CVE-2024-50184

Summary

In the Linux kernel, the following vulnerability has been resolved:

virtio_pmem: Check device status before requesting flush

If a pmem device is in a bad status, the driver side could wait for host ack forever in virtio_pmem_flush(), causing the system to hang.

So add a status check in the beginning of virtio_pmem_flush() to return early if the device is not activated.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6e84200c0a2994b991259d19450eee561029bf70 < 59ac565c6277d4be6661e81ea6a7f3ca2c5e4e36affected
LinuxLinux6e84200c0a2994b991259d19450eee561029bf70 < 4ce662fe4be6fbc2595d9ef4888b2b6e778c99edaffected
LinuxLinux6e84200c0a2994b991259d19450eee561029bf70 < 9a2bc9b6f929a2ce1ebe4d1a796ddab37568c5b4affected
LinuxLinux6e84200c0a2994b991259d19450eee561029bf70 < 6a5ca0ab94e13a1474bf7ad8437a975c2193618faffected
LinuxLinux6e84200c0a2994b991259d19450eee561029bf70 < b01793cc63dd39c8f12b9a3d8dc115fbebb19e2aaffected
LinuxLinux6e84200c0a2994b991259d19450eee561029bf70 < ce7a3a62cc533c922072f328fd2ea2fd7cb893d4affected
LinuxLinux6e84200c0a2994b991259d19450eee561029bf70 < e25fbcd97cf52c3c9824d44b5c56c19673c3dd50affected
LinuxLinux5.3affected
LinuxLinux0 < 5.3unaffected
LinuxLinux5.4.285 <= 5.4.*unaffected
LinuxLinux5.10.227 <= 5.10.*unaffected
LinuxLinux5.15.168 <= 5.15.*unaffected
LinuxLinux6.1.113 <= 6.1.*unaffected
LinuxLinux6.6.57 <= 6.6.*unaffected
LinuxLinux6.11.4 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References