PT-2024-35520 · Linux+1 · Linux Kernel+1

Published: 2024-11-19 · Updated: 2026-01-13 · CVE-2024-53054

CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A deadlock in the Linux kernel has been identified that can be triggered by deleting a large number of cpuset cgroups while repeatedly taking CPUs online and offline. The deadlock arises because the cgroup mutex and the CPU hotplug lock are acquired in different tasks in an inconsistent order. The problem can be reproduced with a pressure test that deletes a large number of cpuset cgroups, repeatedly sets CPUs on and off, and repeatedly changes the watchdog threshold. The estimated number of potentially affected devices worldwide is not available.

Recommendations: To fix the problem, place cgroup bpf release works on a dedicated workqueue, which breaks the lock-ordering loop and resolves the deadlock. As a temporary workaround, consider disabling the cgroup bpf release function until a patch is available. Restrict access to the cgroup mutex and the CPU hotplug lock to minimize the risk of exploitation. Avoid using the CPU hotplug lock read and write paths in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Locking

Related Identifiers

CVE-2024-53054
DSA-5818-1

Affected Products

Linux Kernel
Red Os