CVE-2024-39476 (GCVE-0-2024-39476)

Vulnerability from cvelistv5 – Published: 2024-07-05 06:55 – Updated: 2025-05-04 12:57
VLAI?
Title
md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING
Summary
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING Xiao reported that lvm2 test lvconvert-raid-takeover.sh can hang with small possibility, the root cause is exactly the same as commit bed9e27baf52 ("Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"") However, Dan reported another hang after that, and junxiao investigated the problem and found out that this is caused by plugged bio can't issue from raid5d(). Current implementation in raid5d() has a weird dependence: 1) md_check_recovery() from raid5d() must hold 'reconfig_mutex' to clear MD_SB_CHANGE_PENDING; 2) raid5d() handles IO in a deadloop, until all IO are issued; 3) IO from raid5d() must wait for MD_SB_CHANGE_PENDING to be cleared; This behaviour is introduce before v2.6, and for consequence, if other context hold 'reconfig_mutex', and md_check_recovery() can't update super_block, then raid5d() will waste one cpu 100% by the deadloop, until 'reconfig_mutex' is released. Refer to the implementation from raid1 and raid10, fix this problem by skipping issue IO if MD_SB_CHANGE_PENDING is still set after md_check_recovery(), daemon thread will be woken up when 'reconfig_mutex' is released. Meanwhile, the hang problem will be fixed as well.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: f3d55bd5b7b928ad82f8075d89c908702f3593ab , < b32aa95843cac6b12c2c014d40fca18aef24a347 (git)
Affected: 1c00bb624cd084e2006520ad0edacaff0fb941c4 , < 634ba3c97ec413cb10681c7b196db43ee461ecf4 (git)
Affected: 782b3e71c957991ac8ae53318bc369049d49bb53 , < aa64464c8f4d2ab92f6d0b959a1e0767b829d787 (git)
Affected: 9e86dffd0b02594d2e7c60c6db9e889c0395414b , < 098d54934814dd876963abfe751c3b1cf7fbe56a (git)
Affected: 5e2cf333b7bd5d3e62595a44d598a254c697cd74 , < 3f8d5e802d4cedd445f9a89be8c3fd2d0e99024b (git)
Affected: 5e2cf333b7bd5d3e62595a44d598a254c697cd74 , < cd2538e5af495b3c747e503db346470fc1ffc447 (git)
Affected: 5e2cf333b7bd5d3e62595a44d598a254c697cd74 , < e332a12f65d8fed8cf63bedb4e9317bb872b9ac7 (git)
Affected: 5e2cf333b7bd5d3e62595a44d598a254c697cd74 , < 151f66bb618d1fd0eeb84acb61b4a9fa5d8bb0fa (git)
Affected: 7d808fe6af8409cf9f46ed2b10840e5788985e9b (git)
Affected: 2cab058f2b147e0b7c01546ba00445e5701861f5 (git)
Affected: 91962e40ec3d26e291db230cd45b302da2aff200 (git)
Create a notification for this product.
    Linux Linux Affected: 6.1
Unaffected: 0 , < 6.1 (semver)
Unaffected: 4.19.316 , ≤ 4.19.* (semver)
Unaffected: 5.4.278 , ≤ 5.4.* (semver)
Unaffected: 5.10.219 , ≤ 5.10.* (semver)
Unaffected: 5.15.161 , ≤ 5.15.* (semver)
Unaffected: 6.1.94 , ≤ 6.1.* (semver)
Unaffected: 6.6.34 , ≤ 6.6.* (semver)
Unaffected: 6.9.5 , ≤ 6.9.* (semver)
Unaffected: 6.10 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39476",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-08T15:14:06.487642Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-08T15:14:14.582Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:26:15.248Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b32aa95843cac6b12c2c014d40fca18aef24a347"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/634ba3c97ec413cb10681c7b196db43ee461ecf4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aa64464c8f4d2ab92f6d0b959a1e0767b829d787"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/098d54934814dd876963abfe751c3b1cf7fbe56a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3f8d5e802d4cedd445f9a89be8c3fd2d0e99024b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cd2538e5af495b3c747e503db346470fc1ffc447"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e332a12f65d8fed8cf63bedb4e9317bb872b9ac7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/151f66bb618d1fd0eeb84acb61b4a9fa5d8bb0fa"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/md/raid5.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b32aa95843cac6b12c2c014d40fca18aef24a347",
              "status": "affected",
              "version": "f3d55bd5b7b928ad82f8075d89c908702f3593ab",
              "versionType": "git"
            },
            {
              "lessThan": "634ba3c97ec413cb10681c7b196db43ee461ecf4",
              "status": "affected",
              "version": "1c00bb624cd084e2006520ad0edacaff0fb941c4",
              "versionType": "git"
            },
            {
              "lessThan": "aa64464c8f4d2ab92f6d0b959a1e0767b829d787",
              "status": "affected",
              "version": "782b3e71c957991ac8ae53318bc369049d49bb53",
              "versionType": "git"
            },
            {
              "lessThan": "098d54934814dd876963abfe751c3b1cf7fbe56a",
              "status": "affected",
              "version": "9e86dffd0b02594d2e7c60c6db9e889c0395414b",
              "versionType": "git"
            },
            {
              "lessThan": "3f8d5e802d4cedd445f9a89be8c3fd2d0e99024b",
              "status": "affected",
              "version": "5e2cf333b7bd5d3e62595a44d598a254c697cd74",
              "versionType": "git"
            },
            {
              "lessThan": "cd2538e5af495b3c747e503db346470fc1ffc447",
              "status": "affected",
              "version": "5e2cf333b7bd5d3e62595a44d598a254c697cd74",
              "versionType": "git"
            },
            {
              "lessThan": "e332a12f65d8fed8cf63bedb4e9317bb872b9ac7",
              "status": "affected",
              "version": "5e2cf333b7bd5d3e62595a44d598a254c697cd74",
              "versionType": "git"
            },
            {
              "lessThan": "151f66bb618d1fd0eeb84acb61b4a9fa5d8bb0fa",
              "status": "affected",
              "version": "5e2cf333b7bd5d3e62595a44d598a254c697cd74",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "7d808fe6af8409cf9f46ed2b10840e5788985e9b",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "2cab058f2b147e0b7c01546ba00445e5701861f5",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "91962e40ec3d26e291db230cd45b302da2aff200",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/md/raid5.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "lessThan": "6.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.316",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.278",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.219",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.161",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.34",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.316",
                  "versionStartIncluding": "4.19.262",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.278",
                  "versionStartIncluding": "5.4.220",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.219",
                  "versionStartIncluding": "5.10.150",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.161",
                  "versionStartIncluding": "5.15.75",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.94",
                  "versionStartIncluding": "6.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.34",
                  "versionStartIncluding": "6.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.9.5",
                  "versionStartIncluding": "6.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.10",
                  "versionStartIncluding": "6.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.14.296",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.19.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "6.0.3",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING\n\nXiao reported that lvm2 test lvconvert-raid-takeover.sh can hang with\nsmall possibility, the root cause is exactly the same as commit\nbed9e27baf52 (\"Revert \"md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d\"\")\n\nHowever, Dan reported another hang after that, and junxiao investigated\nthe problem and found out that this is caused by plugged bio can\u0027t issue\nfrom raid5d().\n\nCurrent implementation in raid5d() has a weird dependence:\n\n1) md_check_recovery() from raid5d() must hold \u0027reconfig_mutex\u0027 to clear\n   MD_SB_CHANGE_PENDING;\n2) raid5d() handles IO in a deadloop, until all IO are issued;\n3) IO from raid5d() must wait for MD_SB_CHANGE_PENDING to be cleared;\n\nThis behaviour is introduce before v2.6, and for consequence, if other\ncontext hold \u0027reconfig_mutex\u0027, and md_check_recovery() can\u0027t update\nsuper_block, then raid5d() will waste one cpu 100% by the deadloop, until\n\u0027reconfig_mutex\u0027 is released.\n\nRefer to the implementation from raid1 and raid10, fix this problem by\nskipping issue IO if MD_SB_CHANGE_PENDING is still set after\nmd_check_recovery(), daemon thread will be woken up when \u0027reconfig_mutex\u0027\nis released. Meanwhile, the hang problem will be fixed as well."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T12:57:03.441Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b32aa95843cac6b12c2c014d40fca18aef24a347"
        },
        {
          "url": "https://git.kernel.org/stable/c/634ba3c97ec413cb10681c7b196db43ee461ecf4"
        },
        {
          "url": "https://git.kernel.org/stable/c/aa64464c8f4d2ab92f6d0b959a1e0767b829d787"
        },
        {
          "url": "https://git.kernel.org/stable/c/098d54934814dd876963abfe751c3b1cf7fbe56a"
        },
        {
          "url": "https://git.kernel.org/stable/c/3f8d5e802d4cedd445f9a89be8c3fd2d0e99024b"
        },
        {
          "url": "https://git.kernel.org/stable/c/cd2538e5af495b3c747e503db346470fc1ffc447"
        },
        {
          "url": "https://git.kernel.org/stable/c/e332a12f65d8fed8cf63bedb4e9317bb872b9ac7"
        },
        {
          "url": "https://git.kernel.org/stable/c/151f66bb618d1fd0eeb84acb61b4a9fa5d8bb0fa"
        }
      ],
      "title": "md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-39476",
    "datePublished": "2024-07-05T06:55:06.559Z",
    "dateReserved": "2024-06-25T14:23:23.746Z",
    "dateUpdated": "2025-05-04T12:57:03.441Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.19\", \"versionEndExcluding\": \"4.19.316\", \"matchCriteriaId\": \"34445C8D-D7E6-4796-B792-C9257E89257B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.4\", \"versionEndExcluding\": \"5.4.278\", \"matchCriteriaId\": \"8E2371B0-4787-4038-B526-021D4CF93B31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.10\", \"versionEndExcluding\": \"5.10.219\", \"matchCriteriaId\": \"5311C980-4CDF-4C10-8875-F04ED0F03398\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.15\", \"versionEndExcluding\": \"5.15.161\", \"matchCriteriaId\": \"E2AB5A01-EFFD-4A24-8CCB-4A016C8C4BB3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.1\", \"versionEndExcluding\": \"6.1.94\", \"matchCriteriaId\": \"B5A86346-2984-4261-AC12-29EACB186000\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.6\", \"versionEndExcluding\": \"6.6.34\", \"matchCriteriaId\": \"AC0C6E24-8240-425A-BD1A-F78E6D3A67FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.9\", \"versionEndExcluding\": \"6.9.5\", \"matchCriteriaId\": \"54EDFD02-25E6-4BC8-9AD0-0A59881F400A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmd/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING\\n\\nXiao reported that lvm2 test lvconvert-raid-takeover.sh can hang with\\nsmall possibility, the root cause is exactly the same as commit\\nbed9e27baf52 (\\\"Revert \\\"md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d\\\"\\\")\\n\\nHowever, Dan reported another hang after that, and junxiao investigated\\nthe problem and found out that this is caused by plugged bio can\u0027t issue\\nfrom raid5d().\\n\\nCurrent implementation in raid5d() has a weird dependence:\\n\\n1) md_check_recovery() from raid5d() must hold \u0027reconfig_mutex\u0027 to clear\\n   MD_SB_CHANGE_PENDING;\\n2) raid5d() handles IO in a deadloop, until all IO are issued;\\n3) IO from raid5d() must wait for MD_SB_CHANGE_PENDING to be cleared;\\n\\nThis behaviour is introduce before v2.6, and for consequence, if other\\ncontext hold \u0027reconfig_mutex\u0027, and md_check_recovery() can\u0027t update\\nsuper_block, then raid5d() will waste one cpu 100% by the deadloop, until\\n\u0027reconfig_mutex\u0027 is released.\\n\\nRefer to the implementation from raid1 and raid10, fix this problem by\\nskipping issue IO if MD_SB_CHANGE_PENDING is still set after\\nmd_check_recovery(), daemon thread will be woken up when \u0027reconfig_mutex\u0027\\nis released. Meanwhile, the hang problem will be fixed as well.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se resolvi\\u00f3 la siguiente vulnerabilidad: md/raid5: corrige el punto muerto que raid5d() espera a que se borre MD_SB_CHANGE_PENDING Xiao inform\\u00f3 que la prueba lvm2 lvconvert-raid-takeover.sh puede bloquearse con una peque\\u00f1a posibilidad, la causa principal es exactamente lo mismo que el commit bed9e27baf52 (\\\"Revertir \\\"md/raid5: Espere MD_SB_CHANGE_PENDING en raid5d\\\") Sin embargo, Dan inform\\u00f3 otro bloqueo despu\\u00e9s de eso, y Junxiao investig\\u00f3 el problema y descubri\\u00f3 que esto se debe a que la biograf\\u00eda conectada no puede emitir de raid5d(). La implementaci\\u00f3n actual en raid5d() tiene una dependencia extra\\u00f1a: 1) md_check_recovery() de raid5d() debe mantener \u0027reconfig_mutex\u0027 para borrar MD_SB_CHANGE_PENDING; 2) raid5d() maneja IO en un bucle muerto, hasta que se emiten todas las IO; 3) IO de raid5d() debe esperar a que se borre MD_SB_CHANGE_PENDING; Este comportamiento se introdujo antes de v2.6 y, como consecuencia, si otro contexto contiene \u0027reconfig_mutex\u0027 y md_check_recovery() no puede actualizar super_block, entonces raid5d() desperdiciar\\u00e1 una CPU al 100% mediante el bucle muerto, hasta que \u0027reconfig_mutex\u0027 sea liberado. Consulte la implementaci\\u00f3n de raid1 y raid10, solucione este problema omitiendo el problema IO si MD_SB_CHANGE_PENDING todav\\u00eda est\\u00e1 configurado despu\\u00e9s de md_check_recovery(), el hilo del daemon se activar\\u00e1 cuando se publique \u0027reconfig_mutex\u0027. Mientras tanto, el problema de bloqueo tambi\\u00e9n se solucionar\\u00e1.\"}]",
      "id": "CVE-2024-39476",
      "lastModified": "2024-11-21T09:27:44.897",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
      "published": "2024-07-05T07:15:10.340",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/098d54934814dd876963abfe751c3b1cf7fbe56a\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/151f66bb618d1fd0eeb84acb61b4a9fa5d8bb0fa\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/3f8d5e802d4cedd445f9a89be8c3fd2d0e99024b\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/634ba3c97ec413cb10681c7b196db43ee461ecf4\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/aa64464c8f4d2ab92f6d0b959a1e0767b829d787\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/b32aa95843cac6b12c2c014d40fca18aef24a347\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/cd2538e5af495b3c747e503db346470fc1ffc447\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/e332a12f65d8fed8cf63bedb4e9317bb872b9ac7\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/098d54934814dd876963abfe751c3b1cf7fbe56a\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/151f66bb618d1fd0eeb84acb61b4a9fa5d8bb0fa\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/3f8d5e802d4cedd445f9a89be8c3fd2d0e99024b\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/634ba3c97ec413cb10681c7b196db43ee461ecf4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/aa64464c8f4d2ab92f6d0b959a1e0767b829d787\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/b32aa95843cac6b12c2c014d40fca18aef24a347\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/cd2538e5af495b3c747e503db346470fc1ffc447\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/e332a12f65d8fed8cf63bedb4e9317bb872b9ac7\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\"]}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-667\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-39476\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-07-05T07:15:10.340\",\"lastModified\":\"2024-11-21T09:27:44.897\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmd/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING\\n\\nXiao reported that lvm2 test lvconvert-raid-takeover.sh can hang with\\nsmall possibility, the root cause is exactly the same as commit\\nbed9e27baf52 (\\\"Revert \\\"md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d\\\"\\\")\\n\\nHowever, Dan reported another hang after that, and junxiao investigated\\nthe problem and found out that this is caused by plugged bio can\u0027t issue\\nfrom raid5d().\\n\\nCurrent implementation in raid5d() has a weird dependence:\\n\\n1) md_check_recovery() from raid5d() must hold \u0027reconfig_mutex\u0027 to clear\\n   MD_SB_CHANGE_PENDING;\\n2) raid5d() handles IO in a deadloop, until all IO are issued;\\n3) IO from raid5d() must wait for MD_SB_CHANGE_PENDING to be cleared;\\n\\nThis behaviour is introduce before v2.6, and for consequence, if other\\ncontext hold \u0027reconfig_mutex\u0027, and md_check_recovery() can\u0027t update\\nsuper_block, then raid5d() will waste one cpu 100% by the deadloop, until\\n\u0027reconfig_mutex\u0027 is released.\\n\\nRefer to the implementation from raid1 and raid10, fix this problem by\\nskipping issue IO if MD_SB_CHANGE_PENDING is still set after\\nmd_check_recovery(), daemon thread will be woken up when \u0027reconfig_mutex\u0027\\nis released. Meanwhile, the hang problem will be fixed as well.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: md/raid5: corrige el punto muerto que raid5d() espera a que se borre MD_SB_CHANGE_PENDING Xiao inform\u00f3 que la prueba lvm2 lvconvert-raid-takeover.sh puede bloquearse con una peque\u00f1a posibilidad, la causa principal es exactamente lo mismo que el commit bed9e27baf52 (\\\"Revertir \\\"md/raid5: Espere MD_SB_CHANGE_PENDING en raid5d\\\") Sin embargo, Dan inform\u00f3 otro bloqueo despu\u00e9s de eso, y Junxiao investig\u00f3 el problema y descubri\u00f3 que esto se debe a que la biograf\u00eda conectada no puede emitir de raid5d(). La implementaci\u00f3n actual en raid5d() tiene una dependencia extra\u00f1a: 1) md_check_recovery() de raid5d() debe mantener \u0027reconfig_mutex\u0027 para borrar MD_SB_CHANGE_PENDING; 2) raid5d() maneja IO en un bucle muerto, hasta que se emiten todas las IO; 3) IO de raid5d() debe esperar a que se borre MD_SB_CHANGE_PENDING; Este comportamiento se introdujo antes de v2.6 y, como consecuencia, si otro contexto contiene \u0027reconfig_mutex\u0027 y md_check_recovery() no puede actualizar super_block, entonces raid5d() desperdiciar\u00e1 una CPU al 100% mediante el bucle muerto, hasta que \u0027reconfig_mutex\u0027 sea liberado. Consulte la implementaci\u00f3n de raid1 y raid10, solucione este problema omitiendo el problema IO si MD_SB_CHANGE_PENDING todav\u00eda est\u00e1 configurado despu\u00e9s de md_check_recovery(), el hilo del daemon se activar\u00e1 cuando se publique \u0027reconfig_mutex\u0027. Mientras tanto, el problema de bloqueo tambi\u00e9n se solucionar\u00e1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-667\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.19\",\"versionEndExcluding\":\"4.19.316\",\"matchCriteriaId\":\"34445C8D-D7E6-4796-B792-C9257E89257B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.4\",\"versionEndExcluding\":\"5.4.278\",\"matchCriteriaId\":\"8E2371B0-4787-4038-B526-021D4CF93B31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.10\",\"versionEndExcluding\":\"5.10.219\",\"matchCriteriaId\":\"5311C980-4CDF-4C10-8875-F04ED0F03398\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.15\",\"versionEndExcluding\":\"5.15.161\",\"matchCriteriaId\":\"E2AB5A01-EFFD-4A24-8CCB-4A016C8C4BB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1\",\"versionEndExcluding\":\"6.1.94\",\"matchCriteriaId\":\"B5A86346-2984-4261-AC12-29EACB186000\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.6\",\"versionEndExcluding\":\"6.6.34\",\"matchCriteriaId\":\"AC0C6E24-8240-425A-BD1A-F78E6D3A67FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.9\",\"versionEndExcluding\":\"6.9.5\",\"matchCriteriaId\":\"54EDFD02-25E6-4BC8-9AD0-0A59881F400A\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/098d54934814dd876963abfe751c3b1cf7fbe56a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/151f66bb618d1fd0eeb84acb61b4a9fa5d8bb0fa\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3f8d5e802d4cedd445f9a89be8c3fd2d0e99024b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/634ba3c97ec413cb10681c7b196db43ee461ecf4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/aa64464c8f4d2ab92f6d0b959a1e0767b829d787\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b32aa95843cac6b12c2c014d40fca18aef24a347\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/cd2538e5af495b3c747e503db346470fc1ffc447\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e332a12f65d8fed8cf63bedb4e9317bb872b9ac7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/098d54934814dd876963abfe751c3b1cf7fbe56a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/151f66bb618d1fd0eeb84acb61b4a9fa5d8bb0fa\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3f8d5e802d4cedd445f9a89be8c3fd2d0e99024b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/634ba3c97ec413cb10681c7b196db43ee461ecf4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/aa64464c8f4d2ab92f6d0b959a1e0767b829d787\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b32aa95843cac6b12c2c014d40fca18aef24a347\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/cd2538e5af495b3c747e503db346470fc1ffc447\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e332a12f65d8fed8cf63bedb4e9317bb872b9ac7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/b32aa95843cac6b12c2c014d40fca18aef24a347\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/634ba3c97ec413cb10681c7b196db43ee461ecf4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/aa64464c8f4d2ab92f6d0b959a1e0767b829d787\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/098d54934814dd876963abfe751c3b1cf7fbe56a\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/3f8d5e802d4cedd445f9a89be8c3fd2d0e99024b\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/cd2538e5af495b3c747e503db346470fc1ffc447\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/e332a12f65d8fed8cf63bedb4e9317bb872b9ac7\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/151f66bb618d1fd0eeb84acb61b4a9fa5d8bb0fa\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T04:26:15.248Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-39476\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-08T15:14:06.487642Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-08T15:14:10.874Z\"}}], \"cna\": {\"title\": \"md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"f3d55bd5b7b928ad82f8075d89c908702f3593ab\", \"lessThan\": \"b32aa95843cac6b12c2c014d40fca18aef24a347\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"1c00bb624cd084e2006520ad0edacaff0fb941c4\", \"lessThan\": \"634ba3c97ec413cb10681c7b196db43ee461ecf4\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"782b3e71c957991ac8ae53318bc369049d49bb53\", \"lessThan\": \"aa64464c8f4d2ab92f6d0b959a1e0767b829d787\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"9e86dffd0b02594d2e7c60c6db9e889c0395414b\", \"lessThan\": \"098d54934814dd876963abfe751c3b1cf7fbe56a\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"5e2cf333b7bd5d3e62595a44d598a254c697cd74\", \"lessThan\": \"3f8d5e802d4cedd445f9a89be8c3fd2d0e99024b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"5e2cf333b7bd5d3e62595a44d598a254c697cd74\", \"lessThan\": \"cd2538e5af495b3c747e503db346470fc1ffc447\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"5e2cf333b7bd5d3e62595a44d598a254c697cd74\", \"lessThan\": \"e332a12f65d8fed8cf63bedb4e9317bb872b9ac7\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"5e2cf333b7bd5d3e62595a44d598a254c697cd74\", \"lessThan\": \"151f66bb618d1fd0eeb84acb61b4a9fa5d8bb0fa\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/md/raid5.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.1\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"4.19.316\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.19.*\"}, {\"status\": \"unaffected\", \"version\": \"5.4.278\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.219\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.161\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.94\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.34\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.9.5\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.9.*\"}, {\"status\": \"unaffected\", \"version\": \"6.10\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/md/raid5.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/b32aa95843cac6b12c2c014d40fca18aef24a347\"}, {\"url\": \"https://git.kernel.org/stable/c/634ba3c97ec413cb10681c7b196db43ee461ecf4\"}, {\"url\": \"https://git.kernel.org/stable/c/aa64464c8f4d2ab92f6d0b959a1e0767b829d787\"}, {\"url\": \"https://git.kernel.org/stable/c/098d54934814dd876963abfe751c3b1cf7fbe56a\"}, {\"url\": \"https://git.kernel.org/stable/c/3f8d5e802d4cedd445f9a89be8c3fd2d0e99024b\"}, {\"url\": \"https://git.kernel.org/stable/c/cd2538e5af495b3c747e503db346470fc1ffc447\"}, {\"url\": \"https://git.kernel.org/stable/c/e332a12f65d8fed8cf63bedb4e9317bb872b9ac7\"}, {\"url\": \"https://git.kernel.org/stable/c/151f66bb618d1fd0eeb84acb61b4a9fa5d8bb0fa\"}], \"x_generator\": {\"engine\": \"bippy-5f407fcff5a0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmd/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING\\n\\nXiao reported that lvm2 test lvconvert-raid-takeover.sh can hang with\\nsmall possibility, the root cause is exactly the same as commit\\nbed9e27baf52 (\\\"Revert \\\"md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d\\\"\\\")\\n\\nHowever, Dan reported another hang after that, and junxiao investigated\\nthe problem and found out that this is caused by plugged bio can\u0027t issue\\nfrom raid5d().\\n\\nCurrent implementation in raid5d() has a weird dependence:\\n\\n1) md_check_recovery() from raid5d() must hold \u0027reconfig_mutex\u0027 to clear\\n   MD_SB_CHANGE_PENDING;\\n2) raid5d() handles IO in a deadloop, until all IO are issued;\\n3) IO from raid5d() must wait for MD_SB_CHANGE_PENDING to be cleared;\\n\\nThis behaviour is introduce before v2.6, and for consequence, if other\\ncontext hold \u0027reconfig_mutex\u0027, and md_check_recovery() can\u0027t update\\nsuper_block, then raid5d() will waste one cpu 100% by the deadloop, until\\n\u0027reconfig_mutex\u0027 is released.\\n\\nRefer to the implementation from raid1 and raid10, fix this problem by\\nskipping issue IO if MD_SB_CHANGE_PENDING is still set after\\nmd_check_recovery(), daemon thread will be woken up when \u0027reconfig_mutex\u0027\\nis released. Meanwhile, the hang problem will be fixed as well.\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2024-12-19T09:06:54.518Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-39476\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-19T09:06:54.518Z\", \"dateReserved\": \"2024-06-25T14:23:23.746Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-07-05T06:55:06.559Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}