Linux Kernel up to 6.9.10 io_uring io_register_iowq_max_workers deadlock

Summaryinfo

A vulnerability was found in Linux Kernel up to 6.9.10. It has been rated as critical. This vulnerability affects the function io_register_iowq_max_workers of the component io_uring. This manipulation causes deadlock. This vulnerability is handled as CVE-2024-41080. There is not any exploit available. Upgrading the affected component is advised.

Detailsinfo

A vulnerability was found in Linux Kernel up to 6.9.10. It has been declared as critical. Affected by this vulnerability is the function io_register_iowq_max_workers of the component io_uring. The manipulation with an unknown input leads to a deadlock vulnerability. The CWE definition for the vulnerability is CWE-833. The product contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock. As an impact it is known to affect availability. The summary by CVE is:

In the Linux kernel, the following vulnerability has been resolved: io_uring: fix possible deadlock in io_register_iowq_max_workers() The io_register_iowq_max_workers() function calls io_put_sq_data(), which acquires the sqd->lock without releasing the uring_lock. Similar to the commit 009ad9f0c6ee ("io_uring: drop ctx->uring_lock before acquiring sqd->lock"), this can lead to a potential deadlock situation. To resolve this issue, the uring_lock is released before calling io_put_sq_data(), and then it is re-acquired after the function call. This change ensures that the locks are acquired in the correct order, preventing the possibility of a deadlock.

It is possible to read the advisory at git.kernel.org. This vulnerability is known as CVE-2024-41080 since 07/12/2024. Technical details of the vulnerability are known, but there is no available exploit.

The vulnerability scanner Nessus provides a plugin with the ID 207884 (openSUSE 15 Security Update : kernel (SUSE-SU-2024:3483-1)), which helps to determine the existence of the flaw in a target environment.

Upgrading to version 6.9.11 eliminates this vulnerability. Applying the patch b571a367502c/73254a297c2d is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.

The vulnerability is also documented in the databases at Tenable (207884) and CERT Bund (WID-SEC-2024-1722). Be aware that VulDB is the high quality source for vulnerability data.

Affected

• Debian Linux
• Amazon Linux 2
• Red Hat Enterprise Linux
• Ubuntu Linux
• SUSE Linux
• IBM InfoSphere Guardium
• Oracle Linux
• NetApp FAS
• NetApp ActiveIQ Unified Manager
• Siemens SIMATIC S7
• Oracle VM
• IBM Security Guardium
• RESF Rocky Linux
• Broadcom Brocade SANnav
• Dell PowerScale
• Open Source Linux Kernel
• IBM QRadar SIEM
• Dell integrated Dell Remote Access Controller
• Dell Avamar
• IBM Storage Scale
• IBM Spectrum Protect Plus
• Juniper Junos Space
• IBM Storage Scale System
• SolarWinds Security Event Manager
• Dell PowerProtect Data Domain
• Dell PowerProtect Data Domain Management Center
• Dell PowerProtect Data Domain OS

Productinfo

Type

• Operating System

Vendor

• Linux

Name

• Kernel

Version

• 6.9.0
• 6.9.1
• 6.9.2
• 6.9.3
• 6.9.4
• 6.9.5
• 6.9.6
• 6.9.7
• 6.9.8
• 6.9.9
• 6.9.10

License

• open-source

Website

• Vendor: https://www.kernel.org/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Be aware that VulDB is the high quality source for vulnerability data.

Discussion