ghsa-9m45-9636-5jr3
Vulnerability from github
Published
2025-01-11 15:30
Modified
2025-10-17 15:30
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details

In the Linux kernel, the following vulnerability has been resolved:

Revert "readahead: properly shorten readahead when falling back to do_page_cache_ra()"

This reverts commit 7c877586da3178974a8a94577b6045a48377ff25.

Anders and Philippe have reported that recent kernels occasionally hang when used with NFS in readahead code. The problem has been bisected to 7c877586da3 ("readahead: properly shorten readahead when falling back to do_page_cache_ra()"). The cause of the problem is that ra->size can be shrunk by read_pages() call and subsequently we end up calling do_page_cache_ra() with negative (read huge positive) number of pages. Let's revert 7c877586da3 for now until we can find a proper way how the logic in read_pages() and page_cache_ra_order() can coexist. This can lead to reduced readahead throughput due to readahead window confusion but that's better than outright hangs.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2024-57839"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-11T15:15:07Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"readahead: properly shorten readahead when falling back to do_page_cache_ra()\"\n\nThis reverts commit 7c877586da3178974a8a94577b6045a48377ff25.\n\nAnders and Philippe have reported that recent kernels occasionally hang\nwhen used with NFS in readahead code.  The problem has been bisected to\n7c877586da3 (\"readahead: properly shorten readahead when falling back to\ndo_page_cache_ra()\").  The cause of the problem is that ra-\u003esize can be\nshrunk by read_pages() call and subsequently we end up calling\ndo_page_cache_ra() with negative (read huge positive) number of pages. \nLet\u0027s revert 7c877586da3 for now until we can find a proper way how the\nlogic in read_pages() and page_cache_ra_order() can coexist.  This can\nlead to reduced readahead throughput due to readahead window confusion but\nthat\u0027s better than outright hangs.",
  "id": "GHSA-9m45-9636-5jr3",
  "modified": "2025-10-17T15:30:55Z",
  "published": "2025-01-11T15:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57839"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/85351e4941a253e4c50fb7048bfc19b60b4ec44b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a220d6b95b1ae12c7626283d7609f0a1438e6437"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.