CVE-2024-27014

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.7.0-rc4 net next mlx5 5483eb2

Description The issue is related to a potential deadlock in the Linux kernel when disabling aRFS (Accelerated Receive Flow Steering) under certain conditions. Specifically, when the priv->state lock is acquired, any scheduled aRFS works are canceled using the cancel work sync function. However, while waiting for the work handler to finish, the handler attempts to acquire the state lock again, which is already held, leading to a deadlock. This is because the worker is trying to delete rules when the state is down, which is not its responsibility since disabling aRFS already deletes the rules. To fix this, an aRFS state variable is added to indicate whether aRFS is enabled, preventing the addition of rules when aRFS is disabled.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability, specifically version 6.7.0-rc4 net next mlx5 5483eb2 or later. Ensure that all systems using the Linux kernel are updated to prevent potential deadlocks related to aRFS disabling.