PT-2024-26748 · Linux+6 · Linux Kernel+6

Published 2024-03-05 · Updated 2026-05-26 · CVE-2024-35808

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The issue arises from the direct call to md_reap_sync_thread() from raid_message() without holding the reconfig_mutex. This is unsafe because md_reap_sync_thread() can change fields protected by reconfig_mutex. Holding reconfig_mutex in this context is problematic due to the potential for deadlock, as seen in commit 130443d60b1b. The problem is resolved by using stop_sync_thread() to unregister the sync thread, similar to how it is done in md/raid.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Improper Locking

Weakness Enumeration

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2025-12647
AZL-62827
AZL-67587
BDU:2026-03505
CVE-2024-35808
ECHO-954C-DEFB-C982
INFSA-2024_9315
OESA-2024-1692
OESA-2024-1694
OESA-2024-1941
OESA-2026-1337
OESA-2026-1338
OESA-2026-1339
RHSA-2024:9315
RHSA-2024_9315
SUSE-SU-2024:2135-1
SUSE-SU-2024:2203-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20249-1
USN-6816-1
USN-6817-1
USN-6817-2
USN-6817-3
USN-6878-1

Affected Products

Alt Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu