PT-2025-2981 · Linux · Linux Kernel

Published 2025-01-11 · Updated 2025-01-16 · CVE-2024-53689

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.12.0-10553-gb86545e02e8c

Description

A potential deadlock has been identified in the Linux kernel, in the block subsystem and its sysfs interface. The queue_attr_store function first freezes the queue (->q_usage_counter(io)) and then acquires ->sysfs_lock. However, the usual ordering is to acquire ->sysfs_lock before freezing the queue. This incorrect ordering causes a lockdep splat, which can be reproduced by accessing the /sys/kernel/debug file using the ls command.

Recommendations

To resolve the issue, update the Linux kernel to a version that includes the fix for the potential deadlock. Specifically, systems running Linux kernel versions prior to 6.12.0-10553-gb86545e02e8c should update to a newer version that includes the corrected queue_attr_store function. As a temporary workaround, consider disabling the queue_attr_store function until a patch is available. However, this may have unintended consequences and should be used with caution.
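
The ordering problem in the description, shown as an added example that is not kernel code and not part of this advisory: a small lockdep-style order checker in C that learns the usual order and flags the inverted one. The lock class names, the function names and the treatment of queue freezing as a lock class are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Constructed lock classes standing in for the two named in the description. */
enum { SYSFS_LOCK, Q_FREEZE, NCLASS };

static bool dep[NCLASS][NCLASS];  /* dep[a][b]: b was acquired while a was held */
static int held[NCLASS], nheld;

/* Depth-first search over recorded edges: can 'to' be reached from 'from'? */
static bool reachable(int from, int to, bool *seen)
{
    if (from == to) return true;
    seen[from] = true;
    for (int n = 0; n < NCLASS; n++)
        if (dep[from][n] && !seen[n] && reachable(n, to, seen))
            return true;
    return false;
}

/* Record an acquisition; false means it inverts an order recorded earlier. */
static bool acquire(int cls)
{
    bool ok = true;
    for (int i = 0; i < nheld; i++) {
        bool seen[NCLASS] = { false };
        if (reachable(cls, held[i], seen))
            ok = false;            /* cls -> ... -> held[i] is already known */
        dep[held[i]][cls] = true;
    }
    held[nheld++] = cls;
    return ok;
}

/* Learn the usual order, then replay the store path in the chosen order. */
bool store_path_is_consistent(bool sysfs_lock_first)
{
    memset(dep, 0, sizeof dep); nheld = 0;
    acquire(SYSFS_LOCK); acquire(Q_FREEZE); nheld = 0;  /* usual order, released */
    bool a = acquire(sysfs_lock_first ? SYSFS_LOCK : Q_FREEZE);
    bool b = acquire(sysfs_lock_first ? Q_FREEZE : SYSFS_LOCK);
    return a && b;
}

int main(void)
{
    printf("freeze first: %d  sysfs_lock first: %d\n", store_path_is_consistent(false), store_path_is_consistent(true));
}
```

The checker reports an inversion without any thread actually blocking, which is why a lockdep splat appears even when no deadlock has occurred yet.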

Fix

Improper Locking

Weakness Enumeration

Related Identifiers

CVE-2024-53689

Affected Products

Linux Kernel