CVE-2024-41082

Published: Jul 29, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of admin_q. If a reset (nvme reset or IO timeout) occurs before these commands finish, reconnect routine may fail to update nvme regs due to insufficient tags, which will cause kernel hang forever. In order to workaround this issue, maybe we can let reg_read32()/reg_read64()/reg_write32() use reserved tags. This maybe safe for nvmf: 1. For the disable ctrl path, we will not issue connect command 2. For the enable ctrl / fw activate path, since connect and reg_xx() are called serially. So the reserved tags may still be enough while reg_xx() use reserved tags.

Vendor	Product	Versions
Linux	Linux	affected `e7832cb48a654cd12b2bc9181b2f0ad49d526ac6 - < 165da9c67a26f08c9b956c15d701da7690f45bcb` affected `e7832cb48a654cd12b2bc9181b2f0ad49d526ac6 - < 7dc3bfcb4c9cc58970fff6aaa48172cb224d85aa`
Linux	Linux	affected `5.4` unaffected `0 - < 5.4` unaffected `6.9.11 - <= 6.9.` unaffected `6.10 - <= `

References

https://git.kernel.org/stable/c/165da9c67a26f08c9b956c15d701da7690f45bcb

https://git.kernel.org/stable/c/7dc3bfcb4c9cc58970fff6aaa48172cb224d85aa

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-41082

Description

Affected Products

References