ghsa-42p9-m692-hxrc
Vulnerability from github
Published
2024-02-20 21:30
Modified
2024-02-20 21:30
Details

In the Linux kernel, the following vulnerability has been resolved:

Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"

This reverts commit 5e2cf333b7bd5d3e62595a44d598a254c697cd74.

That commit introduced the following race and can cause system hung.

md_write_start: raid5d: // mddev->in_sync == 1 set "MD_SB_CHANGE_PENDING" // running before md_write_start wakeup it waiting "MD_SB_CHANGE_PENDING" cleared >>>>>>>>> hung wakeup mddev->thread ... waiting "MD_SB_CHANGE_PENDING" cleared

hung, raid5d should clear this flag but get hung by same flag.

The issue reverted commit fixing is fixed by last patch in a new way.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2023-52437"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-20T21:15:08Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d\"\n\nThis reverts commit 5e2cf333b7bd5d3e62595a44d598a254c697cd74.\n\nThat commit introduced the following race and can cause system hung.\n\n md_write_start:             raid5d:\n // mddev-\u003ein_sync == 1\n set \"MD_SB_CHANGE_PENDING\"\n                            // running before md_write_start wakeup it\n                             waiting \"MD_SB_CHANGE_PENDING\" cleared\n                             \u003e\u003e\u003e\u003e\u003e\u003e\u003e\u003e\u003e hung\n wakeup mddev-\u003ethread\n ...\n waiting \"MD_SB_CHANGE_PENDING\" cleared\n \u003e\u003e\u003e\u003e hung, raid5d should clear this flag\n but get hung by same flag.\n\nThe issue reverted commit fixing is fixed by last patch in a new way.",
  "id": "GHSA-42p9-m692-hxrc",
  "modified": "2024-02-20T21:30:26Z",
  "published": "2024-02-20T21:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52437"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0de40f76d567133b871cd6ad46bb87afbce46983"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/84c39986fe6dd77aa15f08712339f5d4eb7dbe27"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/87165c64fe1a98bbab7280c58df3c83be2c98478"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/aab69ef769707ad987ff905d79e0bd6591812580"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bed0acf330b2c50c688f6d9cfbcac2aa57a8e613"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bed9e27baf52a09b7ba2a3714f1e24e17ced386d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cfa46838285814c3a27faacf7357f0a65bb5d152"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e16a0bbdb7e590a6607b0d82915add738c03c069"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.