Bug 2272811 (CVE-2024-26671)
| Summary: | CVE-2024-26671 kernel: blk-mq: fix IO hang from sbitmap wakeup race | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Mauro Matteo Cascella <mcascell> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | acaringi, allarkin, aquini, bhu, chwhite, cye, cyin, dbohanno, debarbos, dfreiber, drow, dvlasenk, esandeen, ezulian, hkrzesin, jarod, jburrell, jdenham, jfaracco, jforbes, jlelli, joe.lawrence, jshortt, jstancek, jwyatt, kcarcia, ldoskova, lgoncalv, lzampier, mleitner, mmilgram, mstowell, nmurray, ptalbert, rkeshri, rparrazo, rrobaina, rvrbovsk, rysulliv, scweaver, sidakwo, sukulkar, tglozar, tyberry, vkumar, wcosta, williams, wmealing, ycote, ykopkova, zhijwang |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | kernel 4.19.307, kernel 5.4.269, kernel 5.10.210, kernel 5.15.149, kernel 6.1.77, kernel 6.6.16, kernel 6.7.4, kernel 6.8 | Doc Type: | No Doc Update |
| Doc Text: |
A possible IO hang from sbitmap wakeup race was found in the Linux kernel. This may lead to compromised Availability.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2272812 | ||
| Bug Blocks: | 2272924 | ||
|
Description
Mauro Matteo Cascella
2024-04-02 23:36:54 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2272812] This was fixed for Fedora with the 6.7.4 stable kernel updates. This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:2950 https://access.redhat.com/errata/RHSA-2024:2950 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:3138 https://access.redhat.com/errata/RHSA-2024:3138 The result of automatic check (that is developed by Alexander Larkin) for this CVE-2024-26671 is: CHECK Maybe valid. Check manually. with impact MODERATE (that is an approximation based on flags RACE ; these flags parsed automatically based on patch data). Such automatic check happens only for Low/Moderates (and only when not from reporter, but parsing already existing CVE). Highs always checked manually (I check it myself and then we check it again in Remediation team). In rare cases some of the Moderates could be increased to High later. This issue is fixed in RHEL-9.4 and above (including RHEL 8.10) ~~~ a7f97b4cae32 (in rhel-9.4, rhel-9.5) blk-mq: fix IO hang from sbitmap wakeup race 098ab94a5112 (in rhel-8.10) blk-mq: fix IO hang from sbitmap wakeup race ~~~ This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:8614 https://access.redhat.com/errata/RHSA-2024:8614 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:8613 https://access.redhat.com/errata/RHSA-2024:8613 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2024:9943 https://access.redhat.com/errata/RHSA-2024:9943 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2024:9942 https://access.redhat.com/errata/RHSA-2024:9942 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:10262 https://access.redhat.com/errata/RHSA-2024:10262 |