In the Linux kernel, the following vulnerability has been resolved:
blk-cgroup: fix list corruption from reorder of WRITE ->lqueued
__blkcg_rstat_flush() can be run anytime, especially when blk_cgroup_bio_start
is being executed.
If WRITE of ->lqueued
is re-ordered with READ of ‘bisc->lnode.next’ in
the loop of __blkcg_rstat_flush(), next_bisc
can be assigned with one
stat instance being added in blk_cgroup_bio_start(), then the local
list in __blkcg_rstat_flush() could be corrupted.
Fix the issue by adding one barrier.
[
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "3b8cc6298724",
"lessThan": "714e59b5456e",
"versionType": "git"
},
{
"status": "affected",
"version": "3b8cc6298724",
"lessThan": "785298ab6b80",
"versionType": "git"
},
{
"status": "affected",
"version": "3b8cc6298724",
"lessThan": "d0aac2363549",
"versionType": "git"
}
],
"programFiles": [
"block/blk-cgroup.c"
],
"defaultStatus": "unaffected"
},
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "6.2"
},
{
"status": "unaffected",
"version": "0",
"lessThan": "6.2",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom",
"lessThanOrEqual": "6.6.*"
},
{
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom",
"lessThanOrEqual": "6.9.*"
},
{
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix",
"lessThanOrEqual": "*"
}
],
"programFiles": [
"block/blk-cgroup.c"
],
"defaultStatus": "affected"
}
]
[
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "affected",
"version": "3b8cc6298724",
"lessThan": "714e59b5456e",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "affected",
"version": "3b8cc6298724",
"lessThan": "785298ab6b80",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "affected",
"version": "3b8cc6298724",
"lessThan": "d0aac2363549",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "affected",
"version": "6.2"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "unaffected",
"version": "0",
"lessThan": "6.2",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom",
"lessThanOrEqual": "6.7"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom",
"lessThanOrEqual": "6.10"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "unaffected",
"version": "6.10-rc1"
}
],
"defaultStatus": "unknown"
}
]