{"uuid": "9883e558-7c90-493c-bcb6-ad943ad2d0c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50135", "type": "seen", "source": "https://t.me/cvedetector/9915", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50135 - \"NVMe PCI Race Condition Allows Invalid Queue Values\"\", \n  \"Content\": \"CVE ID : CVE-2024-50135 \nPublished : Nov. 5, 2024, 6:15 p.m. | 22\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnvme-pci: fix race condition between reset and nvme_dev_disable()  \n  \nnvme_dev_disable() modifies the dev->online_queues field, therefore  \nnvme_pci_update_nr_queues() should avoid racing against it, otherwise  \nwe could end up passing invalid values to blk_mq_update_nr_hw_queues().  \n  \n WARNING: CPU: 39 PID: 61303 at drivers/pci/msi/api.c:347  \n          pci_irq_get_affinity+0x187/0x210  \n Workqueue: nvme-reset-wq nvme_reset_work [nvme]  \n RIP: 0010:pci_irq_get_affinity+0x187/0x210  \n Call Trace:  \n    \n  ? blk_mq_pci_map_queues+0x87/0x3c0  \n  ? pci_irq_get_affinity+0x187/0x210  \n  blk_mq_pci_map_queues+0x87/0x3c0  \n  nvme_pci_map_queues+0x189/0x460 [nvme]  \n  blk_mq_update_nr_hw_queues+0x2a/0x40  \n  nvme_reset_work+0x1be/0x2a0 [nvme]  \n  \nFix the bug by locking the shutdown_lock mutex before using  \ndev->online_queues. Give up if nvme_dev_disable() is running or if  \nit has been executed already. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T19:44:14.000000Z"}