ghsa-qc3w-vgwv-55x5
Vulnerability from github
In the Linux kernel, the following vulnerability has been resolved:
workqueue: Improve scalability of workqueue watchdog touch
On a ~2000 CPU powerpc system, hard lockups have been observed in the workqueue code when stop_machine runs (in this case due to CPU hotplug). This is due to lots of CPUs spinning in multi_cpu_stop, calling touch_nmi_watchdog() which ends up calling wq_watchdog_touch(). wq_watchdog_touch() writes to the global variable wq_watchdog_touched, and that can find itself in the same cacheline as other important workqueue data, which slows down operations to the point of lockups.
In the case of the following abridged trace, worker_pool_idr was in the hot line, causing the lockups to always appear at idr_find.
watchdog: CPU 1125 self-detected hard LOCKUP @ idr_find Call Trace: get_work_pool __queue_work call_timer_fn run_timer_softirq __do_softirq do_softirq_own_stack irq_exit timer_interrupt decrementer_common_virt * interrupt: 900 (timer) at multi_cpu_stop multi_cpu_stop cpu_stopper_thread smpboot_thread_fn kthread
Fix this by having wq_watchdog_touch() only write to the line if the last time a touch was recorded exceeds 1/4 of the watchdog threshold.
{
"affected": [],
"aliases": [
"CVE-2024-46839"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-27T13:15:15Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nworkqueue: Improve scalability of workqueue watchdog touch\n\nOn a ~2000 CPU powerpc system, hard lockups have been observed in the\nworkqueue code when stop_machine runs (in this case due to CPU hotplug).\nThis is due to lots of CPUs spinning in multi_cpu_stop, calling\ntouch_nmi_watchdog() which ends up calling wq_watchdog_touch().\nwq_watchdog_touch() writes to the global variable wq_watchdog_touched,\nand that can find itself in the same cacheline as other important\nworkqueue data, which slows down operations to the point of lockups.\n\nIn the case of the following abridged trace, worker_pool_idr was in\nthe hot line, causing the lockups to always appear at idr_find.\n\n watchdog: CPU 1125 self-detected hard LOCKUP @ idr_find\n Call Trace:\n get_work_pool\n __queue_work\n call_timer_fn\n run_timer_softirq\n __do_softirq\n do_softirq_own_stack\n irq_exit\n timer_interrupt\n decrementer_common_virt\n * interrupt: 900 (timer) at multi_cpu_stop\n multi_cpu_stop\n cpu_stopper_thread\n smpboot_thread_fn\n kthread\n\nFix this by having wq_watchdog_touch() only write to the line if the\nlast time a touch was recorded exceeds 1/4 of the watchdog threshold.",
"id": "GHSA-qc3w-vgwv-55x5",
"modified": "2024-09-27T15:30:34Z",
"published": "2024-09-27T15:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46839"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/241bce1c757d0587721512296952e6bba69631ed"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/98f887f820c993e05a12e8aa816c80b8661d4c87"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9d08fce64dd77f42e2361a4818dbc4b50f3c7dad"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a2abd35e7dc55bf9ed01e2b3481fa78e086d3bf4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/da5f374103a1e0881bbd35847dc57b04ac155eb0"
}
],
"schema_version": "1.4.0",
"severity": []
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.