Back

CVE-2024-40922

July 12, 2024, 4:34 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Linux kernel

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-07-12
CVE-2024-40922

CVE-2024-40922 details

Published : July 12, 2024, 1:15 p.m.
Last Modified : July 12, 2024, 4:34 p.m.

Description

In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: don't lock while !TASK_RUNNING There is a report of io_rsrc_ref_quiesce() locking a mutex while not TASK_RUNNING, which is due to forgetting restoring the state back after io_run_task_work_sig() and attempts to break out of the waiting loop. do not call blocking ops when !TASK_RUNNING; state=1 set at [<ffffffff815d2494>] prepare_to_wait+0xa4/0x380 kernel/sched/wait.c:237 WARNING: CPU: 2 PID: 397056 at kernel/sched/core.c:10099 __might_sleep+0x114/0x160 kernel/sched/core.c:10099 RIP: 0010:__might_sleep+0x114/0x160 kernel/sched/core.c:10099 Call Trace: <TASK> __mutex_lock_common kernel/locking/mutex.c:585 [inline] __mutex_lock+0xb4/0x940 kernel/locking/mutex.c:752 io_rsrc_ref_quiesce+0x590/0x940 io_uring/rsrc.c:253 io_sqe_buffers_unregister+0xa2/0x340 io_uring/rsrc.c:799 __io_uring_register io_uring/register.c:424 [inline] __do_sys_io_uring_register+0x5b9/0x2400 io_uring/register.c:613 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xd8/0x270 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x6f/0x77

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://git.kernel.org/stable/c/0c9df3df0c888d9ec8d11a68474a4aa04d371cff 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/4429c6c77e176a4c5aa7a3bbd1632f9fc0582518 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/54559642b96116b45e4b5ca7fd9f7835b8561272 416baaa9-dc9f-4396-8d5f-8c081fb06d67
This website uses the NVD API, but is not approved or certified by it.