PT-2024-21471 · Linux+5 · Linux Kernel+5

Syzbot

·

Published

2024-04-03

·

Updated

2024-11-05

·

CVE-2024-26696

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A hang issue was reported in the Linux kernel, specifically in the nilfs2 file system. The issue occurs when the migrate pages batch() function, called by mbind(), locks a folio and waits for the writeback to complete. Meanwhile, the log writer thread attempts to lock the same folio, causing a deadlock. This happens because the nilfs lookup dirty data buffers() function, called by the log writer, tries to lock the folio being written back. The root cause of the issue is that the wait for writeback completion in nilfs page mkwrite() is conditional, allowing data to be modified without waiting if the backing device does not require stable writes. This can lead to an unclean shutdown, potentially causing recovery to fail.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

CVE-2024-26696
DLA-3840-1
DLA-3842-1
DSA-5658-1
DSA-5681-1
OESA-2024-1496
OESA-2024-1497
OESA-2024-1498
OESA-2024-1499
OESA-2024-1500
OESA-2024-1501
OPENSUSE-SU-2024_1490-1
OPENSUSE-SU-2024_1659-1
OPENSUSE-SU-2024_1663-1
SUSE-SU-2024:1490-1
SUSE-SU-2024:1659-1
SUSE-SU-2024:1663-1
SUSE-SU-2024:2135-1
USN-6766-1
USN-6766-2
USN-6766-3
USN-6767-1
USN-6767-2
USN-6795-1
USN-6828-1
USN-6895-1
USN-6895-2
USN-6895-3
USN-6895-4
USN-6900-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu