CVE-2024-26775
Published: Apr 3, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: aoe: avoid potential deadlock at set_capacity Move set_capacity() outside of the section procected by (&d->lock). To avoid possible interrupt unsafe locking scenario: CPU0 CPU1 ---- ---- [1] lock(&bdev->bd_size_lock); local_irq_disable(); [2] lock(&d->lock); [3] lock(&bdev->bd_size_lock); <Interrupt> [4] lock(&d->lock); *** DEADLOCK *** Where [1](&bdev->bd_size_lock) hold by zram_add()->set_capacity(). [2]lock(&d->lock) hold by aoeblk_gdalloc(). And aoeblk_gdalloc() is trying to acquire [3](&bdev->bd_size_lock) at set_capacity() call. In this situation an attempt to acquire [4]lock(&d->lock) from aoecmd_cfg_rsp() will lead to deadlock. So the simplest solution is breaking lock dependency [2](&d->lock) -> [3](&bdev->bd_size_lock) by moving set_capacity() outside.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected a782483cc1f875355690625d8253a232f2581418 - < 2499fa286fb010ceb289950050199f33c26667b9affected a782483cc1f875355690625d8253a232f2581418 - < 2d623c94fbba3554f4446ba6f3c764994e8b0d26affected a782483cc1f875355690625d8253a232f2581418 - < 673629018ba04906899dcb631beec34d871f709caffected a782483cc1f875355690625d8253a232f2581418 - < 19a77b27163820f793b4d022979ffdca8f659b77affected a782483cc1f875355690625d8253a232f2581418 - < e169bd4fb2b36c4b2bee63c35c740c85daeb2e86 |
Linux | Linux | affected 5.11unaffected 0 - < 5.11unaffected 5.15.189 - <= 5.15.*unaffected 6.1.80 - <= 6.1.*unaffected 6.6.19 - <= 6.6.*+2 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now