CVE-2024-53102

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.65

Description The issue arises from the nvme keep-alive operation, which could potentially cause a race between the fabric controller admin queue destroy code path and the hw/hctx queue dispatcher. This race could lead to a kernel crash. The problem occurs when the nvme keep-alive request sneaks in while shutting down the fabric controller, causing the admin->q usage counter to become zero and allowing the blk-mq destroy queue operation to delete the admin queue. However, the nvme keep-alive thread may still access the admin queue resource after it has been deleted, resulting in a crash. The fix implements the keep-alive operation as a synchronous operation, ensuring that the fabric shutdown code path does not destroy the fabric admin queue until the keep-alive request has finished execution.

Recommendations To resolve the issue, update to Linux kernel version 6.6.65 or later. As a temporary workaround, consider disabling the nvme keep-alive operation until a patch is available. Restrict access to the admin queue to minimize the risk of exploitation. Avoid using the admin->q usage counter variable in the affected code path until the issue is resolved.