PT-2024-35557 · Linux+8 · Linux Kernel+8

Hannes Reinecke

·

Published

2024-10-15

·

Updated

2026-04-20

·

CVE-2024-53093

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.65
Description A vulnerability in the Linux kernel has been resolved, related to the nvme-multipath feature. The issue occurs when a partition scan is performed within the controller's scan work context, which can lead to a deadlock if a path error occurs. To fix this, the partition scan is deferred to a different context that does not block scan work.
Recommendations For versions prior to 6.6.65, update to version 6.6.65 or later to resolve the issue. As a temporary workaround, consider disabling the nvme-multipath feature until a patch is available. Restrict access to the vulnerable scan work context to minimize the risk of exploitation. Avoid using the scan work context in the affected kernel version until the issue is resolved.

Exploit

Fix

Weakness Enumeration

CWE-833

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2024-17891
ALT-PU-2025-12647
AZL-54604
AZL-54632
BDU:2025-07876
CVE-2024-53093
DLA-4008-1
DSA-5818-1
INFSA-2025_6966
MGASA-2024-0392
MGASA-2024-0393
OESA-2025-1097
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2024_4316-1
OPENSUSE-SU-2025:15544-1
RHSA-2025:6966
RHSA-2025_6966
SUSE-SU-2024:4314-1
SUSE-SU-2024:4316-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:03283-1
SUSE-SU-2025:03344-1
SUSE-SU-2025:03626-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
SUSE-SU-2025:4506-1
SUSE-SU-2025_03344-1
SUSE-SU-2026:0034-1
SUSE-SU-2026:0263-1
SUSE-SU-2026:0317-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
USN-7276-1
USN-7277-1
USN-7310-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7468-1
USN-7523-1
USN-7524-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu