In the Linux kernel, the following vulnerability has been resolved:
io-wq: check for wq exit after adding new worker task_work
We check IO_WQ_BIT_EXIT before attempting to create a new worker, and
wq exit cancels pending work if we have any. But it’s possible to have
a race between the two, where creation checks exit finding it not set,
but we’re in the process of exiting. The exit side will cancel pending
creation task_work, but there’s a gap where we add task_work after we’ve
canceled existing creations at exit time.
Fix this by checking the EXIT bit post adding the creation task_work.
If it’s set, run the same cancelation that exit does.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
git.kernel.org/linus/71a85387546e50b1a37b0fa45dadcae3bfb35cf6 (5.16-rc5)
git.kernel.org/stable/c/4b4e5bbf9386d4ec21d91c0cb0fd60b9bba778ec
git.kernel.org/stable/c/71a85387546e50b1a37b0fa45dadcae3bfb35cf6
launchpad.net/bugs/cve/CVE-2021-47577
nvd.nist.gov/vuln/detail/CVE-2021-47577
security-tracker.debian.org/tracker/CVE-2021-47577
www.cve.org/CVERecord?id=CVE-2021-47577