CVE-2024-53093

Summary

In the Linux kernel, the following vulnerability has been resolved:

nvme-multipath: defer partition scanning

We need to suppress the partition scan from occuring within the controller's scan_work context. If a path error occurs here, the IO will wait until a path becomes available or all paths are torn down, but that action also occurs within scan_work, so it would deadlock. Defer the partion scan to a different context that does not block scan_work.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux32acab3181c7053c775ca128c3a5c6ce50197d7f < 60de2e03f984cfbcdc12fa552f95087c35a05a98affected
LinuxLinux32acab3181c7053c775ca128c3a5c6ce50197d7f < 4a57f42e5ed42cb8f1beb262c4f6d3e698939e4eaffected
LinuxLinux32acab3181c7053c775ca128c3a5c6ce50197d7f < a91b7eddf45afeeb9c5ece11dddff5de0921b00faffected
LinuxLinux32acab3181c7053c775ca128c3a5c6ce50197d7f < 1f021341eef41e77a633186e9be5223de2ce5d48affected
LinuxLinux4.15affected
LinuxLinux0 < 4.15unaffected
LinuxLinux6.1.118 <= 6.1.*unaffected
LinuxLinux6.6.62 <= 6.6.*unaffected
LinuxLinux6.11.9 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References