In the Linux kernel, the following vulnerability has been resolved:
blk-iocost: do not WARN if iocg was already offlined In iocg_pay_debt(),
warn is triggered if ‘active_list’ is empty, which is intended to confirm
iocg is active when it has debt. However, warn can be triggered during a
blkcg or disk removal, if iocg_waitq_timer_fn() is run at that time:
WARNING: CPU: 0 PID: 2344971 at block/blk-iocost.c:1402
iocg_pay_debt+0x14c/0x190 Call trace: iocg_pay_debt+0x14c/0x190
iocg_kick_waitq+0x438/0x4c0 iocg_waitq_timer_fn+0xd8/0x130
__run_hrtimer+0x144/0x45c __hrtimer_run_queues+0x16c/0x244
hrtimer_interrupt+0x2cc/0x7b0 The warn in this situation is meaningless.
Since this iocg is being removed, the state of the ‘active_list’ is
irrelevant, and ‘waitq_timer’ is canceled after removing ‘active_list’ in
ioc_pd_free(), which ensures iocg is freed after iocg_waitq_timer_fn()
returns. Therefore, add the check if iocg was already offlined to avoid
warn when removing a blkcg or disk.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure | < any | UNKNOWN |
git.kernel.org/linus/01bc4fda9ea0a6b52f12326486f07a4910666cf6 (6.9-rc5)
git.kernel.org/stable/c/01bc4fda9ea0a6b52f12326486f07a4910666cf6
git.kernel.org/stable/c/14b3275f93d4a0d8ddc02195bc4e9869b7a3700e
git.kernel.org/stable/c/1c172ac7afe4442964f4153b2c78fe4e005d9d67
launchpad.net/bugs/cve/CVE-2024-36908
nvd.nist.gov/vuln/detail/CVE-2024-36908
security-tracker.debian.org/tracker/CVE-2024-36908
www.cve.org/CVERecord?id=CVE-2024-36908