CVE-2024-35794

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the dm-raid component in the Linux kernel, where the sync thread is not properly frozen during suspend. This is caused by the removal of the MD RECOVERY FROZEN flag from md stop writes() in commit f52f5c71f3d4, which doesn't realize that dm-raid relies on md stop writes() to freeze the sync thread indirectly. The flag MD RECOVERY FROZEN only prevents new sync thread from starting and can't stop the running sync thread. To fix this, the flag should be added back to md stop writes(), and the stop sync thread() function should be moved to md stop writes(). Additionally, the raid message function should be disallowed from changing the sync thread status during suspend.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-833

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2025-12647

AZL-62675

AZL-67818

BDU:2026-02286

CVE-2024-35794

ECHO-3BCF-F258-9D17

INFSA-2024_9315

RHSA-2024:9315

RHSA-2024_9315

SUSE-SU-2024:2135-1

SUSE-SU-2024:2203-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

SUSE-SU-2025:20166-1

SUSE-SU-2025:20249-1

USN-6816-1

USN-6817-1

USN-6817-2

USN-6817-3

USN-6878-1

Affected Products

Alt Linux

Debian

Linuxmint

Linux Kernel

Red Hat

Suse

Ubuntu

CVE-2024-35794

Weakness Enumeration

Related Identifiers

Affected Products

References · 3032