CVE-2024-26718

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.9

Description The Linux kernel has a vulnerability in the dm-crypt and dm-verity modules, where tasklets have an inherent problem with memory corruption. The function tasklet action common calls tasklet trylock, then the tasklet callback, and then tasklet unlock. If the tasklet callback frees the structure that contains the tasklet or calls some code that may free it, tasklet unlock will write into free memory. The commits 8e14f610159d and d9a02e016aaf try to fix this issue for dm-crypt, but it is not a sufficient fix, and data corruption can still happen. There is no fix for dm-verity, and it will write into free memory with every tasklet-processed bio. Atomic workqueues will be implemented in kernel 6.9, which will have a better interface and will not suffer from the memory corruption problem.

Recommendations To resolve the issue, update to Linux kernel version 6.9 or later. For versions prior to 6.9, consider disabling tasklets in both dm-crypt and dm-verity as a temporary workaround to prevent memory corruption.