CVE-2024-58042 (GCVE-0-2024-58042)

Vulnerability from cvelistv5 – Published: 2025-02-27 20:00 – Updated: 2026-05-11 21:02
VLAI
Title
rhashtable: Fix potential deadlock by moving schedule_work outside lock
Summary
In the Linux kernel, the following vulnerability has been resolved: rhashtable: Fix potential deadlock by moving schedule_work outside lock Move the hash table growth check and work scheduling outside the rht lock to prevent a possible circular locking dependency. The original implementation could trigger a lockdep warning due to a potential deadlock scenario involving nested locks between rhashtable bucket, rq lock, and dsq lock. By relocating the growth check and work scheduling after releasing the rth lock, we break this potential deadlock chain. This change expands the flexibility of rhashtable by removing restrictive locking that previously limited its use in scheduler and workqueue contexts. Import to say that this calls rht_grow_above_75(), which reads from struct rhashtable without holding the lock, if this is a problem, we can move the check to the lock, and schedule the workqueue after the lock. Modified so that atomic_inc is also moved outside of the bucket lock along with the growth above 75% check.
Severity
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: f0e1a0643a59bf1f922fa209cec86a170b784f3f , < eb2e58484b838fb4e777ee9721bb9e20e6ca971d (git)
Affected: f0e1a0643a59bf1f922fa209cec86a170b784f3f , < ced8ce3c83a7150c5f5d371a8c332d7bc7f9b66d (git)
Affected: f0e1a0643a59bf1f922fa209cec86a170b784f3f , < e1d3422c95f003eba241c176adfe593c33e8a8f6 (git)
Create a notification for this product.
Linux Linux Affected: 6.12
Unaffected: 0 , < 6.12 (semver)
Unaffected: 6.12.13 , ≤ 6.12.* (semver)
Unaffected: 6.13.2 , ≤ 6.13.* (semver)
Unaffected: 6.14 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-58042",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-01T19:28:49.644173Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-667",
                "description": "CWE-667 Improper Locking",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-01T19:36:38.894Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "lib/rhashtable.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "eb2e58484b838fb4e777ee9721bb9e20e6ca971d",
              "status": "affected",
              "version": "f0e1a0643a59bf1f922fa209cec86a170b784f3f",
              "versionType": "git"
            },
            {
              "lessThan": "ced8ce3c83a7150c5f5d371a8c332d7bc7f9b66d",
              "status": "affected",
              "version": "f0e1a0643a59bf1f922fa209cec86a170b784f3f",
              "versionType": "git"
            },
            {
              "lessThan": "e1d3422c95f003eba241c176adfe593c33e8a8f6",
              "status": "affected",
              "version": "f0e1a0643a59bf1f922fa209cec86a170b784f3f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "lib/rhashtable.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.12"
            },
            {
              "lessThan": "6.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.13",
                  "versionStartIncluding": "6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.2",
                  "versionStartIncluding": "6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14",
                  "versionStartIncluding": "6.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrhashtable: Fix potential deadlock by moving schedule_work outside lock\n\nMove the hash table growth check and work scheduling outside the\nrht lock to prevent a possible circular locking dependency.\n\nThe original implementation could trigger a lockdep warning due to\na potential deadlock scenario involving nested locks between\nrhashtable bucket, rq lock, and dsq lock. By relocating the\ngrowth check and work scheduling after releasing the rth lock, we break\nthis potential deadlock chain.\n\nThis change expands the flexibility of rhashtable by removing\nrestrictive locking that previously limited its use in scheduler\nand workqueue contexts.\n\nImport to say that this calls rht_grow_above_75(), which reads from\nstruct rhashtable without holding the lock, if this is a problem, we can\nmove the check to the lock, and schedule the workqueue after the lock.\n\n\nModified so that atomic_inc is also moved outside of the bucket\nlock along with the growth above 75% check."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:02:19.346Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/eb2e58484b838fb4e777ee9721bb9e20e6ca971d"
        },
        {
          "url": "https://git.kernel.org/stable/c/ced8ce3c83a7150c5f5d371a8c332d7bc7f9b66d"
        },
        {
          "url": "https://git.kernel.org/stable/c/e1d3422c95f003eba241c176adfe593c33e8a8f6"
        }
      ],
      "title": "rhashtable: Fix potential deadlock by moving schedule_work outside lock",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-58042",
    "datePublished": "2025-02-27T20:00:52.879Z",
    "dateReserved": "2025-02-27T02:16:34.106Z",
    "dateUpdated": "2026-05-11T21:02:19.346Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-58042",
      "date": "2026-05-26",
      "epss": "0.00086",
      "percentile": "0.24524"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-58042\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-02-27T20:16:02.257\",\"lastModified\":\"2025-10-01T20:18:10.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nrhashtable: Fix potential deadlock by moving schedule_work outside lock\\n\\nMove the hash table growth check and work scheduling outside the\\nrht lock to prevent a possible circular locking dependency.\\n\\nThe original implementation could trigger a lockdep warning due to\\na potential deadlock scenario involving nested locks between\\nrhashtable bucket, rq lock, and dsq lock. By relocating the\\ngrowth check and work scheduling after releasing the rth lock, we break\\nthis potential deadlock chain.\\n\\nThis change expands the flexibility of rhashtable by removing\\nrestrictive locking that previously limited its use in scheduler\\nand workqueue contexts.\\n\\nImport to say that this calls rht_grow_above_75(), which reads from\\nstruct rhashtable without holding the lock, if this is a problem, we can\\nmove the check to the lock, and schedule the workqueue after the lock.\\n\\n\\nModified so that atomic_inc is also moved outside of the bucket\\nlock along with the growth above 75% check.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: rhashtable: corrige un posible punto muerto moviendo schedule_work fuera del bloqueo Mueva la comprobaci\u00f3n del crecimiento de la tabla hash y la programaci\u00f3n del trabajo fuera del bloqueo rht para evitar una posible dependencia de bloqueo circular. La implementaci\u00f3n original podr\u00eda activar una advertencia de lockdep debido a un posible escenario de punto muerto que involucra bloqueos anidados entre el dep\u00f3sito rhashtable, el bloqueo rq y el bloqueo dsq. Al reubicar la comprobaci\u00f3n del crecimiento y la programaci\u00f3n del trabajo despu\u00e9s de liberar el bloqueo rth, rompemos esta posible cadena de punto muerto. Este cambio expande la flexibilidad de rhashtable al eliminar el bloqueo restrictivo que anteriormente limitaba su uso en contextos de planificador y cola de trabajo. Importe para decir que esto llama a rht_grow_above_75(), que lee desde struct rhashtable sin mantener el bloqueo, si esto es un problema, podemos mover la comprobaci\u00f3n al bloqueo y programar la cola de trabajo despu\u00e9s del bloqueo. Modificado para que atomic_inc tambi\u00e9n se mueva fuera del bloqueo del dep\u00f3sito junto con la verificaci\u00f3n de crecimiento por encima del 75%.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-667\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-667\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.12\",\"versionEndExcluding\":\"6.12.13\",\"matchCriteriaId\":\"8507AA00-C52F-4231-94AC-4D0374F5A9F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.13.2\",\"matchCriteriaId\":\"6D4116B1-1BFD-4F23-BA84-169CC05FC5A3\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/ced8ce3c83a7150c5f5d371a8c332d7bc7f9b66d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e1d3422c95f003eba241c176adfe593c33e8a8f6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/eb2e58484b838fb4e777ee9721bb9e20e6ca971d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-58042\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-01T19:28:49.644173Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-667\", \"description\": \"CWE-667 Improper Locking\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-01T16:56:43.849Z\"}}], \"cna\": {\"title\": \"rhashtable: Fix potential deadlock by moving schedule_work outside lock\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"f0e1a0643a59bf1f922fa209cec86a170b784f3f\", \"lessThan\": \"eb2e58484b838fb4e777ee9721bb9e20e6ca971d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"f0e1a0643a59bf1f922fa209cec86a170b784f3f\", \"lessThan\": \"ced8ce3c83a7150c5f5d371a8c332d7bc7f9b66d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"f0e1a0643a59bf1f922fa209cec86a170b784f3f\", \"lessThan\": \"e1d3422c95f003eba241c176adfe593c33e8a8f6\", \"versionType\": \"git\"}], \"programFiles\": [\"lib/rhashtable.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.12\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.12\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.12.13\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.12.*\"}, {\"status\": \"unaffected\", \"version\": \"6.13.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.13.*\"}, {\"status\": \"unaffected\", \"version\": \"6.14\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"lib/rhashtable.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/eb2e58484b838fb4e777ee9721bb9e20e6ca971d\"}, {\"url\": \"https://git.kernel.org/stable/c/ced8ce3c83a7150c5f5d371a8c332d7bc7f9b66d\"}, {\"url\": \"https://git.kernel.org/stable/c/e1d3422c95f003eba241c176adfe593c33e8a8f6\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nrhashtable: Fix potential deadlock by moving schedule_work outside lock\\n\\nMove the hash table growth check and work scheduling outside the\\nrht lock to prevent a possible circular locking dependency.\\n\\nThe original implementation could trigger a lockdep warning due to\\na potential deadlock scenario involving nested locks between\\nrhashtable bucket, rq lock, and dsq lock. By relocating the\\ngrowth check and work scheduling after releasing the rth lock, we break\\nthis potential deadlock chain.\\n\\nThis change expands the flexibility of rhashtable by removing\\nrestrictive locking that previously limited its use in scheduler\\nand workqueue contexts.\\n\\nImport to say that this calls rht_grow_above_75(), which reads from\\nstruct rhashtable without holding the lock, if this is a problem, we can\\nmove the check to the lock, and schedule the workqueue after the lock.\\n\\n\\nModified so that atomic_inc is also moved outside of the bucket\\nlock along with the growth above 75% check.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.12.13\", \"versionStartIncluding\": \"6.12\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.13.2\", \"versionStartIncluding\": \"6.12\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.14\", \"versionStartIncluding\": \"6.12\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-05-11T21:02:19.346Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-58042\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-11T21:02:19.346Z\", \"dateReserved\": \"2025-02-27T02:16:34.106Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2025-02-27T20:00:52.879Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.