PT-2025-3585 · Linux+11 · Linux Kernel+11
Published
2024-09-23
·
Updated
2025-10-03
·
CVE-2024-57807
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.74
Description
A potential deadlock issue has been identified in the Linux kernel, specifically in the scsi: megaraid sas component. This issue is related to a 'possible circular locking dependency detected' warning, which occurs when the following locks are acquired in a specific order:
CPU0 CPU1
lock(&instance->reset mutex);
lock(&shost->scan mutex);
lock(&instance->reset mutex);
lock(&shost->scan mutex);
To fix this issue, the reset mutex is temporarily released.
Recommendations
For Linux kernel versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue.
As a temporary workaround, consider temporarily releasing the reset mutex to avoid the deadlock.
Exploit
Fix
Improper Locking
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu