Lucene search
LinuxCVELIST:CVE-2024-38384HistoryJun 24, 2024 - 1:50 p.m.
CVE-2024-38384 blk-cgroup: fix list corruption from reorder of WRITE ->lqueued
2024-06-2413:50:51
Linux
www.cve.org
9
linux kernel
vulnerability
fix
list corruption
reorder
write
lqueued
blk-cgroup
__blkcg_rstat_flush
next_bisc
barrier
EPSS
0
Percentile
15.6%
In the Linux kernel, the following vulnerability has been resolved:
blk-cgroup: fix list corruption from reorder of WRITE ->lqueued
__blkcg_rstat_flush() can be run anytime, especially when blk_cgroup_bio_start
is being executed.
If WRITE of ->lqueued is re-ordered with READ of ‘bisc->lnode.next’ in
the loop of __blkcg_rstat_flush(), next_bisc can be assigned with one
stat instance being added in blk_cgroup_bio_start(), then the local
list in __blkcg_rstat_flush() could be corrupted.
Fix the issue by adding one barrier.
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"block/blk-cgroup.c"
],
"versions": [
{
"version": "3b8cc6298724",
"lessThan": "714e59b5456e",
"status": "affected",
"versionType": "git"
},
{
"version": "3b8cc6298724",
"lessThan": "785298ab6b80",
"status": "affected",
"versionType": "git"
},
{
"version": "3b8cc6298724",
"lessThan": "d0aac2363549",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"block/blk-cgroup.c"
],
"versions": [
{
"version": "6.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.2",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-38384
2024-06-24 14:15:12
cve
cve
CVE-2024-38384
2024-06-24 14:15:12
osv
osv
CVE-2024-38384
2024-06-24 14:15:12
UBUNTU-CVE-2024-38384
2024-06-24 14:15:00
linux-azure vulnerabilities
2024-09-12 13:23:45
redhatcve
redhatcve
CVE-2024-38384
2024-06-25 13:52:23
ubuntucve
ubuntucve
CVE-2024-38384
2024-06-24 00:00:00
debiancve
debiancve
CVE-2024-38384
2024-06-24 14:15:12
redhat
redhat
(RHSA-2024:5067) Moderate: kernel-rt security update
2024-08-07 00:06:24
(RHSA-2024:5066) Moderate: kernel security update
2024-08-07 00:05:55
nessus
nessus
RHEL 9 : kernel-rt (RHSA-2024:5067)
2024-08-07 00:00:00
RHEL 9 : kernel (RHSA-2024:5066)
2024-08-07 00:00:00
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6999-1)
2024-09-11 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-7005-1)
2024-09-13 00:00:00
Ubuntu: Security Advisory (USN-7005-2)
2024-09-16 00:00:00
Ubuntu: Security Advisory (USN-7004-1)
2024-09-13 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2024-07-14 08:23:38