CVE-2024-57839 (GCVE-0-2024-57839)

Vulnerability from cvelistv5 – Published: 2025-01-11 14:30 – Updated: 2026-05-11 20:59
VLAI
Title
Revert "readahead: properly shorten readahead when falling back to do_page_cache_ra()"
Summary
In the Linux kernel, the following vulnerability has been resolved: Revert "readahead: properly shorten readahead when falling back to do_page_cache_ra()" This reverts commit 7c877586da3178974a8a94577b6045a48377ff25. Anders and Philippe have reported that recent kernels occasionally hang when used with NFS in readahead code. The problem has been bisected to 7c877586da3 ("readahead: properly shorten readahead when falling back to do_page_cache_ra()"). The cause of the problem is that ra->size can be shrunk by read_pages() call and subsequently we end up calling do_page_cache_ra() with negative (read huge positive) number of pages. Let's revert 7c877586da3 for now until we can find a proper way how the logic in read_pages() and page_cache_ra_order() can coexist. This can lead to reduced readahead throughput due to readahead window confusion but that's better than outright hangs.
Severity
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 7c877586da3178974a8a94577b6045a48377ff25 , < 85351e4941a253e4c50fb7048bfc19b60b4ec44b (git)
Affected: 7c877586da3178974a8a94577b6045a48377ff25 , < a220d6b95b1ae12c7626283d7609f0a1438e6437 (git)
Create a notification for this product.
Linux Linux Affected: 6.11
Unaffected: 0 , < 6.11 (semver)
Unaffected: 6.12.5 , ≤ 6.12.* (semver)
Unaffected: 6.13 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "mm/readahead.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "85351e4941a253e4c50fb7048bfc19b60b4ec44b",
              "status": "affected",
              "version": "7c877586da3178974a8a94577b6045a48377ff25",
              "versionType": "git"
            },
            {
              "lessThan": "a220d6b95b1ae12c7626283d7609f0a1438e6437",
              "status": "affected",
              "version": "7c877586da3178974a8a94577b6045a48377ff25",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "mm/readahead.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.11"
            },
            {
              "lessThan": "6.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.5",
                  "versionStartIncluding": "6.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13",
                  "versionStartIncluding": "6.11",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"readahead: properly shorten readahead when falling back to do_page_cache_ra()\"\n\nThis reverts commit 7c877586da3178974a8a94577b6045a48377ff25.\n\nAnders and Philippe have reported that recent kernels occasionally hang\nwhen used with NFS in readahead code.  The problem has been bisected to\n7c877586da3 (\"readahead: properly shorten readahead when falling back to\ndo_page_cache_ra()\").  The cause of the problem is that ra-\u003esize can be\nshrunk by read_pages() call and subsequently we end up calling\ndo_page_cache_ra() with negative (read huge positive) number of pages. \nLet\u0027s revert 7c877586da3 for now until we can find a proper way how the\nlogic in read_pages() and page_cache_ra_order() can coexist.  This can\nlead to reduced readahead throughput due to readahead window confusion but\nthat\u0027s better than outright hangs."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T20:59:23.493Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/85351e4941a253e4c50fb7048bfc19b60b4ec44b"
        },
        {
          "url": "https://git.kernel.org/stable/c/a220d6b95b1ae12c7626283d7609f0a1438e6437"
        }
      ],
      "title": "Revert \"readahead: properly shorten readahead when falling back to do_page_cache_ra()\"",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-57839",
    "datePublished": "2025-01-11T14:30:56.149Z",
    "dateReserved": "2025-01-11T12:34:02.622Z",
    "dateUpdated": "2026-05-11T20:59:23.493Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-57839",
      "date": "2026-05-29",
      "epss": "0.00033",
      "percentile": "0.10131"
    },
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nRevert \\\"readahead: properly shorten readahead when falling back to do_page_cache_ra()\\\"\\n\\nThis reverts commit 7c877586da3178974a8a94577b6045a48377ff25.\\n\\nAnders and Philippe have reported that recent kernels occasionally hang\\nwhen used with NFS in readahead code.  The problem has been bisected to\\n7c877586da3 (\\\"readahead: properly shorten readahead when falling back to\\ndo_page_cache_ra()\\\").  The cause of the problem is that ra-\u003esize can be\\nshrunk by read_pages() call and subsequently we end up calling\\ndo_page_cache_ra() with negative (read huge positive) number of pages. \\nLet\u0027s revert 7c877586da3 for now until we can find a proper way how the\\nlogic in read_pages() and page_cache_ra_order() can coexist.  This can\\nlead to reduced readahead throughput due to readahead window confusion but\\nthat\u0027s better than outright hangs.\"}]",
      "id": "CVE-2024-57839",
      "lastModified": "2025-01-11T15:15:07.050",
      "published": "2025-01-11T15:15:07.050",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/85351e4941a253e4c50fb7048bfc19b60b4ec44b\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/a220d6b95b1ae12c7626283d7609f0a1438e6437\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Received"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-57839\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-01-11T15:15:07.050\",\"lastModified\":\"2025-10-17T15:26:12.860\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nRevert \\\"readahead: properly shorten readahead when falling back to do_page_cache_ra()\\\"\\n\\nThis reverts commit 7c877586da3178974a8a94577b6045a48377ff25.\\n\\nAnders and Philippe have reported that recent kernels occasionally hang\\nwhen used with NFS in readahead code.  The problem has been bisected to\\n7c877586da3 (\\\"readahead: properly shorten readahead when falling back to\\ndo_page_cache_ra()\\\").  The cause of the problem is that ra-\u003esize can be\\nshrunk by read_pages() call and subsequently we end up calling\\ndo_page_cache_ra() with negative (read huge positive) number of pages. \\nLet\u0027s revert 7c877586da3 for now until we can find a proper way how the\\nlogic in read_pages() and page_cache_ra_order() can coexist.  This can\\nlead to reduced readahead throughput due to readahead window confusion but\\nthat\u0027s better than outright hangs.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Revertir \\\"readahead: acortar correctamente el readahead al volver a do_page_cache_ra()\\\" Esto revierte el commit 7c877586da3178974a8a94577b6045a48377ff25. Anders y Philippe han informado de que los kernels recientes a veces se bloquean cuando se utilizan con NFS en el c\u00f3digo readahead. El problema se ha dividido en 7c877586da3 (\\\"readahead: acortar correctamente el readahead al volver a do_page_cache_ra()\\\"). La causa del problema es que ra-\u0026gt;size se puede reducir mediante la llamada read_pages() y, posteriormente, terminamos llamando a do_page_cache_ra() con un n\u00famero de p\u00e1ginas negativo (leer positivo enorme). Revertiremos 7c877586da3 por ahora hasta que podamos encontrar una forma adecuada de que la l\u00f3gica en read_pages() y page_cache_ra_order() pueda coexistir. Esto puede provocar una reducci\u00f3n del rendimiento de lectura anticipada debido a la confusi\u00f3n de la ventana de lectura anticipada, pero es mejor que los bloqueos directos.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-704\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.11\",\"versionEndExcluding\":\"6.12.5\",\"matchCriteriaId\":\"80D95899-614A-43BE-AD21-BA14E811ACC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"62567B3C-6CEE-46D0-BC2E-B3717FBF7D13\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/85351e4941a253e4c50fb7048bfc19b60b4ec44b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a220d6b95b1ae12c7626283d7609f0a1438e6437\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.