In the Linux kernel, the following vulnerability has been resolved:
rcu/nocb: Fix WARN_ON_ONCE() in the rcu_nocb_bypass_lock() For the kernels
built with CONFIG_RCU_NOCB_CPU_DEFAULT_ALL=y and CONFIG_RCU_LAZY=y, the
following scenarios will trigger WARN_ON_ONCE() in the
rcu_nocb_bypass_lock() and rcu_nocb_wait_contended() functions: CPU2 CPU11
kthread rcu_nocb_cb_kthread ksys_write rcu_do_batch vfs_write
rcu_torture_timer_cb proc_sys_write __kmem_cache_free proc_sys_call_handler
kmemleak_free drop_caches_sysctl_handler delete_object_full drop_slab
__delete_object shrink_slab put_object lazy_rcu_shrink_scan call_rcu
rcu_nocb_flush_bypass _call_rcu_commn rcu_nocb_bypass_lock
raw_spin_trylock(&rdp->nocb_bypass_lock) fail
atomic_inc(&rdp->nocb_lock_contended); rcu_nocb_wait_contended
WARN_ON_ONCE(smp_processor_id() != rdp->cpu);
WARN_ON_ONCE(atomic_read(&rdp->nocb_lock_contended)) | | _ _ _ _ _ _ _ _
same rdp and rdp->cpu != 11 _ _ _ _ _ _ _ _ __| Reproduce this bug with
“echo 3 > /proc/sys/vm/drop_caches”. This commit therefore uses
rcu_nocb_try_flush_bypass() instead of rcu_nocb_flush_bypass() in
lazy_rcu_shrink_scan(). If the nocb_bypass queue is being flushed, then
rcu_nocb_try_flush_bypass will return directly.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < 6.8.0-38.38 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | < 6.8.0-1011.12 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure | < any | UNKNOWN |
git.kernel.org/linus/dda98810b552fc6bf650f4270edeebdc2f28bd3f (6.9-rc1)
git.kernel.org/stable/c/4d58c9fb45c70e62c19e8be3f3605889c47601bc
git.kernel.org/stable/c/927d1f4f77e4784ab3944a9df86ab14d1cd3185a
git.kernel.org/stable/c/dda98810b552fc6bf650f4270edeebdc2f28bd3f
launchpad.net/bugs/cve/CVE-2024-35929
nvd.nist.gov/vuln/detail/CVE-2024-35929
security-tracker.debian.org/tracker/CVE-2024-35929
ubuntu.com/security/notices/USN-6893-1
ubuntu.com/security/notices/USN-6893-2
ubuntu.com/security/notices/USN-6893-3
ubuntu.com/security/notices/USN-6918-1
www.cve.org/CVERecord?id=CVE-2024-35929