CVE-2024-56755

Summary

In the Linux kernel, the following vulnerability has been resolved:

netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING

In fscache_create_volume(), there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situation where, after a wake-up, the bit-clearing operation hasn't been detected yet, leading to an indefinite wait. The triggering process is as follows:

[cookie1] [cookie2] [volume_work] fscache_perform_lookup fscache_create_volume fscache_perform_lookup fscache_create_volume fscache_create_volume_work cachefiles_acquire_volume clear_and_wake_up_bit test_and_set_bit test_and_set_bit goto maybe_wait goto no_wait

In the above process, cookie1 and cookie2 has the same volume. When cookie1 enters the -no_wait- process, it will clear the bit and wake up the waiting process. If a barrier is missing, it may cause cookie2 to remain in the -wait- process indefinitely.

In commit 3288666c7256 ("fscache: Use clear_and_wake_up_bit() in fscache_create_volume_work()"), barriers were added to similar operations in fscache_create_volume_work(), but fscache_create_volume() was missed.

By combining the clear and wake operations into clear_and_wake_up_bit() to fix this issue.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxbfa22da3ed652aa15acd4246fa13a0de6dbe4a59 < ddab02607eed9e415dc62fde421d4329e5345315affected
LinuxLinuxbfa22da3ed652aa15acd4246fa13a0de6dbe4a59 < 539fabba965e119b98066fc6ba5257b5eaf4eda2affected
LinuxLinuxbfa22da3ed652aa15acd4246fa13a0de6dbe4a59 < 8beb682cc9a0798a280bbb95e3e41617237090b2affected
LinuxLinuxbfa22da3ed652aa15acd4246fa13a0de6dbe4a59 < 8cc1df3113cb71a0df2c46dd5b102c9e11c8a8c6affected
LinuxLinuxbfa22da3ed652aa15acd4246fa13a0de6dbe4a59 < 22f9400a6f3560629478e0a64247b8fcc811a24daffected
LinuxLinux5.17affected
LinuxLinux0 < 5.17unaffected
LinuxLinux6.1.120 <= 6.1.*unaffected
LinuxLinux6.6.64 <= 6.6.*unaffected
LinuxLinux6.11.11 <= 6.11.*unaffected
LinuxLinux6.12.2 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References