| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025012156-CVE-2024-57946-41e8@gregkh>
Date: Tue, 21 Jan 2025 13:22:56 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: CVE-2024-57946: virtio-blk: don't keep queue frozen during system suspend
Description
===========
In the Linux kernel, the following vulnerability has been resolved:
virtio-blk: don't keep queue frozen during system suspend
Commit 4ce6e2db00de ("virtio-blk: Ensure no requests in virtqueues before
deleting vqs.") replaces queue quiesce with queue freeze in virtio-blk's
PM callbacks. And the motivation is to drain inflight IOs before suspending.
block layer's queue freeze looks very handy, but it is also easy to cause
deadlock, such as, any attempt to call into bio_queue_enter() may run into
deadlock if the queue is frozen in current context. There are all kinds
of ->suspend() called in suspend context, so keeping queue frozen in the
whole suspend context isn't one good idea. And Marek reported lockdep
warning[1] caused by virtio-blk's freeze queue in virtblk_freeze().
[1] https://lore.kernel.org/linux-block/ca16370e-d646-4eee-b9cc-87277c89c43c@samsung.com/
Given the motivation is to drain in-flight IOs, it can be done by calling
freeze & unfreeze, meantime restore to previous behavior by keeping queue
quiesced during suspend.
The Linux kernel CVE team has assigned CVE-2024-57946 to this issue.
Affected and fixed versions
===========================
Fixed in 5.4.289 with commit d738f3215bb4f88911ff4579780a44960c8e0ca5
Fixed in 5.10.233 with commit 9ca428c6397abaa8c38f5c69133a2299e1efbbf2
Fixed in 5.15.176 with commit 6dea8e3de59928974bf157dd0499d3958d744ae4
Fixed in 6.1.123 with commit 9e323f856cf4963120e0e3892a84ef8bd764a0e4
Fixed in 6.6.69 with commit 12c0ddd6c551c1e438b087f874b4f1223a75f7ea
Fixed in 6.12.8 with commit 92d5139b91147ab372a17daf5dc27a5b9278e516
Fixed in 6.13 with commit 7678abee0867e6b7fb89aa40f6e9f575f755fb37
Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.
Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
https://cve.org/CVERecord/?id=CVE-2024-57946
will be updated if fixes are backported, please check that for the most
up to date information about this issue.
Affected files
==============
The file(s) affected by this issue are:
drivers/block/virtio_blk.c
Mitigation
==========
The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
https://git.kernel.org/stable/c/d738f3215bb4f88911ff4579780a44960c8e0ca5
https://git.kernel.org/stable/c/9ca428c6397abaa8c38f5c69133a2299e1efbbf2
https://git.kernel.org/stable/c/6dea8e3de59928974bf157dd0499d3958d744ae4
https://git.kernel.org/stable/c/9e323f856cf4963120e0e3892a84ef8bd764a0e4
https://git.kernel.org/stable/c/12c0ddd6c551c1e438b087f874b4f1223a75f7ea
https://git.kernel.org/stable/c/92d5139b91147ab372a17daf5dc27a5b9278e516
https://git.kernel.org/stable/c/7678abee0867e6b7fb89aa40f6e9f575f755fb37
Powered by blists - more mailing lists