CVE-2024-53100

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.11.8

Description A race condition in the Linux kernel's NVMe TCP implementation can lead to a potential local privilege escalation. The issue arises from a race between the queue lock lock and the destroy function in nvme tcp free queue(), causing a warning when the mutex lock() function is called in nvme tcp get address(). This warning is triggered by the DEBUG LOCKS WARN ON macro when the lock's magic number does not match the expected value. The vulnerable function is nvme tcp get address(), which is called by nvme sysfs show address(). The estimated number of potentially affected devices is not specified.

Recommendations To resolve the issue, update the Linux kernel to version 6.11.8 or later. As a temporary workaround, consider disabling the nvme tcp get address() function until a patch is available. Restrict access to the vulnerable nvme tcp module to minimize the risk of exploitation. Avoid using the queue lock lock in the affected API endpoint until the issue is resolved.