CVE-2024-56755
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING
In fscache_create_volume(), there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situation where, after a wake-up, the bit-clearing operation hasn't been detected yet, leading to an indefinite wait. The triggering process is as follows:
[cookie1] [cookie2] [volume_work] fscache_perform_lookup fscache_create_volume fscache_perform_lookup fscache_create_volume fscache_create_volume_work cachefiles_acquire_volume clear_and_wake_up_bit test_and_set_bit test_and_set_bit goto maybe_wait goto no_wait
In the above process, cookie1 and cookie2 has the same volume. When cookie1 enters the -no_wait- process, it will clear the bit and wake up the waiting process. If a barrier is missing, it may cause cookie2 to remain in the -wait- process indefinitely.
In commit 3288666c7256 ("fscache: Use clear_and_wake_up_bit() in fscache_create_volume_work()"), barriers were added to similar operations in fscache_create_volume_work(), but fscache_create_volume() was missed.
By combining the clear and wake operations into clear_and_wake_up_bit() to fix this issue.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | bfa22da3ed652aa15acd4246fa13a0de6dbe4a59 < ddab02607eed9e415dc62fde421d4329e5345315 | affected |
| Linux | Linux | bfa22da3ed652aa15acd4246fa13a0de6dbe4a59 < 539fabba965e119b98066fc6ba5257b5eaf4eda2 | affected |
| Linux | Linux | bfa22da3ed652aa15acd4246fa13a0de6dbe4a59 < 8beb682cc9a0798a280bbb95e3e41617237090b2 | affected |
| Linux | Linux | bfa22da3ed652aa15acd4246fa13a0de6dbe4a59 < 8cc1df3113cb71a0df2c46dd5b102c9e11c8a8c6 | affected |
| Linux | Linux | bfa22da3ed652aa15acd4246fa13a0de6dbe4a59 < 22f9400a6f3560629478e0a64247b8fcc811a24d | affected |
| Linux | Linux | 5.17 | affected |
| Linux | Linux | 0 < 5.17 | unaffected |
| Linux | Linux | 6.1.120 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.64 <= 6.6.* | unaffected |
| Linux | Linux | 6.11.11 <= 6.11.* | unaffected |
| Linux | Linux | 6.12.2 <= 6.12.* | unaffected |
| Linux | Linux | 6.13 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
- https://git.kernel.org/stable/c/ddab02607eed9e415dc62fde421d4329e5345315
- https://git.kernel.org/stable/c/539fabba965e119b98066fc6ba5257b5eaf4eda2
- https://git.kernel.org/stable/c/8beb682cc9a0798a280bbb95e3e41617237090b2
- https://git.kernel.org/stable/c/8cc1df3113cb71a0df2c46dd5b102c9e11c8a8c6
- https://git.kernel.org/stable/c/22f9400a6f3560629478e0a64247b8fcc811a24d
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.