2327360 – (CVE-2024-53067) CVE-2024-53067 kernel: scsi: ufs: core: Start the RTC update work later

Bug 2327360 (CVE-2024-53067) - CVE-2024-53067 kernel: scsi: ufs: core: Start the RTC update work later

Summary: CVE-2024-53067 kernel: scsi: ufs: core: Start the RTC update work later

Keywords:
Status:	NEW
Alias:	CVE-2024-53067
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2327465
Blocks:
TreeView+	depends on / blocked

Reported:	2024-11-19 18:02 UTC by OSIDB Bzimport
Modified:	2024-11-21 19:09 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2024-11-19 18:02:59 UTC

In the Linux kernel, the following vulnerability has been resolved:

scsi: ufs: core: Start the RTC update work later

The RTC update work involves runtime resuming the UFS controller. Hence,
only start the RTC update work after runtime power management in the UFS
driver has been fully initialized. This patch fixes the following kernel
crash:

Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
Workqueue: events ufshcd_rtc_work
Call trace:
 _raw_spin_lock_irqsave+0x34/0x8c (P)
 pm_runtime_get_if_active+0x24/0x9c (L)
 pm_runtime_get_if_active+0x24/0x9c
 ufshcd_rtc_work+0x138/0x1b4
 process_one_work+0x148/0x288
 worker_thread+0x2cc/0x3d4
 kthread+0x110/0x114
 ret_from_fork+0x10/0x20

Comment 1 Robb Gatica 2024-11-19 21:08:27 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024111933-CVE-2024-53067-0c9e@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.