CVE-2024-35929

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The vulnerability is related to the rcu nocb bypass lock() function in the Linux kernel. It can be triggered when the kernel is built with CONFIG RCU NOCB CPU DEFAULT ALL=y and CONFIG RCU LAZY=y. The issue arises from scenarios where WARN ON ONCE() is triggered in the rcu nocb bypass lock() and rcu nocb wait contended() functions. This can occur due to specific interactions between kthreads, syscalls, and memory management functions. The vulnerability can be reproduced by running the command "echo 3 > /proc/sys/vm/drop caches". The commit that resolves this issue uses rcu nocb try flush bypass() instead of rcu nocb flush bypass() in lazy rcu shrink scan() to prevent the WARN ON ONCE() triggers.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.