Vulnerability-Lookup

CVE-2024-53054 (GCVE-0-2024-53054)

Vulnerability from cvelistv5 – Published: 2024-11-19 17:19 – Updated: 2024-11-28 16:51

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-11-28T16:51:11.255Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-53054",
    "datePublished": "2024-11-19T17:19:38.311Z",
    "dateRejected": "2024-11-28T16:51:11.255Z",
    "dateReserved": "2024-11-19T17:17:24.974Z",
    "dateUpdated": "2024-11-28T16:51:11.255Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2024-AVI-1031

Vulnerability from certfr_avis - Published: 2024-11-29 - Updated: 2024-11-29

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Debian	N/A	Debian bookworm versions antérieures à 6.1.119-1

References

Title

Publication Time

Tags

Bulletin de sécurité Debian DSA-5818-1

2024-11-24

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Debian bookworm versions ant\u00e9rieures \u00e0 6.1.119-1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Debian",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-53061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53061"
    },
    {
      "name": "CVE-2024-53052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53052"
    },
    {
      "name": "CVE-2024-53042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53042"
    },
    {
      "name": "CVE-2024-50262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50262"
    },
    {
      "name": "CVE-2024-50268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50268"
    },
    {
      "name": "CVE-2024-50243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50243"
    },
    {
      "name": "CVE-2024-53054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53054"
    },
    {
      "name": "CVE-2024-53055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53055"
    },
    {
      "name": "CVE-2024-43868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43868"
    },
    {
      "name": "CVE-2024-49950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49950"
    },
    {
      "name": "CVE-2024-50286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50286"
    },
    {
      "name": "CVE-2024-50302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50302"
    },
    {
      "name": "CVE-2024-50267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50267"
    },
    {
      "name": "CVE-2024-50228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50228"
    },
    {
      "name": "CVE-2024-50269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50269"
    },
    {
      "name": "CVE-2024-53057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53057"
    },
    {
      "name": "CVE-2024-50257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50257"
    },
    {
      "name": "CVE-2024-53066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53066"
    },
    {
      "name": "CVE-2024-50295",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50295"
    },
    {
      "name": "CVE-2024-53063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53063"
    },
    {
      "name": "CVE-2024-50249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50249"
    },
    {
      "name": "CVE-2024-49974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49974"
    },
    {
      "name": "CVE-2024-50233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50233"
    },
    {
      "name": "CVE-2024-49960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
    },
    {
      "name": "CVE-2024-50292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50292"
    },
    {
      "name": "CVE-2024-50012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50012"
    },
    {
      "name": "CVE-2024-50244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50244"
    },
    {
      "name": "CVE-2024-50072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50072"
    },
    {
      "name": "CVE-2024-50283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50283"
    },
    {
      "name": "CVE-2024-50247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50247"
    },
    {
      "name": "CVE-2024-50296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50296"
    },
    {
      "name": "CVE-2024-50284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50284"
    },
    {
      "name": "CVE-2024-36915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36915"
    },
    {
      "name": "CVE-2024-50237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50237"
    },
    {
      "name": "CVE-2024-50264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50264"
    },
    {
      "name": "CVE-2024-50230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50230"
    },
    {
      "name": "CVE-2024-50276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50276"
    },
    {
      "name": "CVE-2024-53058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53058"
    },
    {
      "name": "CVE-2024-50272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
    },
    {
      "name": "CVE-2024-50261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50261"
    },
    {
      "name": "CVE-2024-53088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53088"
    },
    {
      "name": "CVE-2024-49986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49986"
    },
    {
      "name": "CVE-2024-50290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50290"
    },
    {
      "name": "CVE-2024-50242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50242"
    },
    {
      "name": "CVE-2024-50265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50265"
    },
    {
      "name": "CVE-2024-53082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53082"
    },
    {
      "name": "CVE-2024-50282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50282"
    },
    {
      "name": "CVE-2024-50273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50273"
    },
    {
      "name": "CVE-2024-35964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35964"
    },
    {
      "name": "CVE-2024-50280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
    },
    {
      "name": "CVE-2024-53081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53081"
    },
    {
      "name": "CVE-2024-50259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50259"
    },
    {
      "name": "CVE-2024-50215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50215"
    },
    {
      "name": "CVE-2024-50235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50235"
    },
    {
      "name": "CVE-2024-26952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26952"
    },
    {
      "name": "CVE-2024-50287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50287"
    },
    {
      "name": "CVE-2022-45888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-45888"
    },
    {
      "name": "CVE-2024-36244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36244"
    },
    {
      "name": "CVE-2024-50278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50278"
    },
    {
      "name": "CVE-2024-53072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53072"
    },
    {
      "name": "CVE-2024-38553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38553"
    },
    {
      "name": "CVE-2024-53043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53043"
    },
    {
      "name": "CVE-2024-50036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50036"
    },
    {
      "name": "CVE-2024-50256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50256"
    },
    {
      "name": "CVE-2024-50232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50232"
    },
    {
      "name": "CVE-2024-50252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50252"
    },
    {
      "name": "CVE-2024-50251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50251"
    },
    {
      "name": "CVE-2024-36923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36923"
    },
    {
      "name": "CVE-2024-41080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41080"
    },
    {
      "name": "CVE-2024-50236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50236"
    },
    {
      "name": "CVE-2024-42322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
    },
    {
      "name": "CVE-2024-36478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36478"
    },
    {
      "name": "CVE-2024-50271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50271"
    },
    {
      "name": "CVE-2024-53070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53070"
    },
    {
      "name": "CVE-2024-50234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50234"
    },
    {
      "name": "CVE-2024-38540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
    },
    {
      "name": "CVE-2024-50229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50229"
    },
    {
      "name": "CVE-2024-36914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36914"
    },
    {
      "name": "CVE-2024-50301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50301"
    },
    {
      "name": "CVE-2024-49991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49991"
    },
    {
      "name": "CVE-2024-43904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43904"
    },
    {
      "name": "CVE-2024-50126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50126"
    },
    {
      "name": "CVE-2024-50067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50067"
    },
    {
      "name": "CVE-2024-53060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53060"
    },
    {
      "name": "CVE-2024-50250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50250"
    },
    {
      "name": "CVE-2024-26954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26954"
    },
    {
      "name": "CVE-2024-43911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43911"
    },
    {
      "name": "CVE-2024-53059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53059"
    },
    {
      "name": "CVE-2024-50299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50299"
    },
    {
      "name": "CVE-2024-50218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50218"
    },
    {
      "name": "CVE-2024-50279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50279"
    },
    {
      "name": "CVE-2024-50245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50245"
    },
    {
      "name": "CVE-2024-44949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44949"
    },
    {
      "name": "CVE-2023-52812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52812"
    },
    {
      "name": "CVE-2024-50255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50255"
    },
    {
      "name": "CVE-2024-53093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53093"
    }
  ],
  "initial_release_date": "2024-11-29T00:00:00",
  "last_revision_date": "2024-11-29T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-1031",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-11-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian",
  "vendor_advisories": [
    {
      "published_at": "2024-11-24",
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-5818-1",
      "url": "https://lists.debian.org/debian-security-announce/2024/msg00233.html"
    }
  ]
}

GHSA-MM63-C923-GW6C

Vulnerability from github – Published: 2024-11-19 18:31 – Updated: 2024-11-22 21:32

Details

In the Linux kernel, the following vulnerability has been resolved:

cgroup/bpf: use a dedicated workqueue for cgroup bpf destruction

A hung_task problem shown below was found:

INFO: task kworker/0:0:8 blocked for more than 327 seconds. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Workqueue: events cgroup_bpf_release Call Trace: __schedule+0x5a2/0x2050 ? find_held_lock+0x33/0x100 ? wq_worker_sleeping+0x9e/0xe0 schedule+0x9f/0x180 schedule_preempt_disabled+0x25/0x50 __mutex_lock+0x512/0x740 ? cgroup_bpf_release+0x1e/0x4d0 ? cgroup_bpf_release+0xcf/0x4d0 ? process_scheduled_works+0x161/0x8a0 ? cgroup_bpf_release+0x1e/0x4d0 ? mutex_lock_nested+0x2b/0x40 ? __pfx_delay_tsc+0x10/0x10 mutex_lock_nested+0x2b/0x40 cgroup_bpf_release+0xcf/0x4d0 ? process_scheduled_works+0x161/0x8a0 ? trace_event_raw_event_workqueue_execute_start+0x64/0xd0 ? process_scheduled_works+0x161/0x8a0 process_scheduled_works+0x23a/0x8a0 worker_thread+0x231/0x5b0 ? __pfx_worker_thread+0x10/0x10 kthread+0x14d/0x1c0 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x59/0x70 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1b/0x30

This issue can be reproduced by the following pressuse test: 1. A large number of cpuset cgroups are deleted. 2. Set cpu on and off repeatly. 3. Set watchdog_thresh repeatly. The scripts can be obtained at LINK mentioned above the signature.

The reason for this issue is cgroup_mutex and cpu_hotplug_lock are acquired in different tasks, which may lead to deadlock. It can lead to a deadlock through the following steps: 1. A large number of cpusets are deleted asynchronously, which puts a large number of cgroup_bpf_release works into system_wq. The max_active of system_wq is WQ_DFL_ACTIVE(256). Consequently, all active works are cgroup_bpf_release works, and many cgroup_bpf_release works will be put into inactive queue. As illustrated in the diagram, there are 256 (in the acvtive queue) + n (in the inactive queue) works. 2. Setting watchdog_thresh will hold cpu_hotplug_lock.read and put smp_call_on_cpu work into system_wq. However step 1 has already filled system_wq, 'sscs.work' is put into inactive queue. 'sscs.work' has to wait until the works that were put into the inacvtive queue earlier have executed (n cgroup_bpf_release), so it will be blocked for a while. 3. Cpu offline requires cpu_hotplug_lock.write, which is blocked by step 2. 4. Cpusets that were deleted at step 1 put cgroup_release works into cgroup_destroy_wq. They are competing to get cgroup_mutex all the time. When cgroup_metux is acqured by work at css_killed_work_fn, it will call cpuset_css_offline, which needs to acqure cpu_hotplug_lock.read. However, cpuset_css_offline will be blocked for step 3. 5. At this moment, there are 256 works in active queue that are cgroup_bpf_release, they are attempting to acquire cgroup_mutex, and as a result, all of them are blocked. Consequently, sscs.work can not be executed. Ultimately, this situation leads to four processes being blocked, forming a deadlock.

system_wq(step1) WatchDog(step2) cpu offline(step3) cgroup_destroy_wq(step4) ... 2000+ cgroups deleted asyn 256 actives + n inactives __lockup_detector_reconfigure P(cpu_hotplug_lock.read) put sscs.work into system_wq 256 + n + 1(sscs.work) sscs.work wait to be executed warting sscs.work finish percpu_down_write P(cpu_hotplug_lock.write) ...blocking... css_killed_work_fn P(cgroup_mutex) cpuset_css_offline P(cpu_hotplug_lock.read) ...blocking... 256 cgroup_bpf_release mutex_lock(&cgroup_mutex); ..blocking...

To fix the problem, place cgroup_bpf_release works on a dedicated workqueue which can break the loop and solve the problem. System wqs are for misc things which shouldn't create a large number of concurrent work items. If something is going to generate > ---truncated---

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-53054"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-667"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-19T18:15:25Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncgroup/bpf: use a dedicated workqueue for cgroup bpf destruction\n\nA hung_task problem shown below was found:\n\nINFO: task kworker/0:0:8 blocked for more than 327 seconds.\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\nWorkqueue: events cgroup_bpf_release\nCall Trace:\n \u003cTASK\u003e\n __schedule+0x5a2/0x2050\n ? find_held_lock+0x33/0x100\n ? wq_worker_sleeping+0x9e/0xe0\n schedule+0x9f/0x180\n schedule_preempt_disabled+0x25/0x50\n __mutex_lock+0x512/0x740\n ? cgroup_bpf_release+0x1e/0x4d0\n ? cgroup_bpf_release+0xcf/0x4d0\n ? process_scheduled_works+0x161/0x8a0\n ? cgroup_bpf_release+0x1e/0x4d0\n ? mutex_lock_nested+0x2b/0x40\n ? __pfx_delay_tsc+0x10/0x10\n mutex_lock_nested+0x2b/0x40\n cgroup_bpf_release+0xcf/0x4d0\n ? process_scheduled_works+0x161/0x8a0\n ? trace_event_raw_event_workqueue_execute_start+0x64/0xd0\n ? process_scheduled_works+0x161/0x8a0\n process_scheduled_works+0x23a/0x8a0\n worker_thread+0x231/0x5b0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x14d/0x1c0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x59/0x70\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n\nThis issue can be reproduced by the following pressuse test:\n1. A large number of cpuset cgroups are deleted.\n2. Set cpu on and off repeatly.\n3. Set watchdog_thresh repeatly.\nThe scripts can be obtained at LINK mentioned above the signature.\n\nThe reason for this issue is cgroup_mutex and cpu_hotplug_lock are\nacquired in different tasks, which may lead to deadlock.\nIt can lead to a deadlock through the following steps:\n1. A large number of cpusets are deleted asynchronously, which puts a\n   large number of cgroup_bpf_release works into system_wq. The max_active\n   of system_wq is WQ_DFL_ACTIVE(256). Consequently, all active works are\n   cgroup_bpf_release works, and many cgroup_bpf_release works will be put\n   into inactive queue. As illustrated in the diagram, there are 256 (in\n   the acvtive queue) + n (in the inactive queue) works.\n2. Setting watchdog_thresh will hold cpu_hotplug_lock.read and put\n   smp_call_on_cpu work into system_wq. However step 1 has already filled\n   system_wq, \u0027sscs.work\u0027 is put into inactive queue. \u0027sscs.work\u0027 has\n   to wait until the works that were put into the inacvtive queue earlier\n   have executed (n cgroup_bpf_release), so it will be blocked for a while.\n3. Cpu offline requires cpu_hotplug_lock.write, which is blocked by step 2.\n4. Cpusets that were deleted at step 1 put cgroup_release works into\n   cgroup_destroy_wq. They are competing to get cgroup_mutex all the time.\n   When cgroup_metux is acqured by work at css_killed_work_fn, it will\n   call cpuset_css_offline, which needs to acqure cpu_hotplug_lock.read.\n   However, cpuset_css_offline will be blocked for step 3.\n5. At this moment, there are 256 works in active queue that are\n   cgroup_bpf_release, they are attempting to acquire cgroup_mutex, and as\n   a result, all of them are blocked. Consequently, sscs.work can not be\n   executed. Ultimately, this situation leads to four processes being\n   blocked, forming a deadlock.\n\nsystem_wq(step1)\t\tWatchDog(step2)\t\t\tcpu offline(step3)\tcgroup_destroy_wq(step4)\n...\n2000+ cgroups deleted asyn\n256 actives + n inactives\n\t\t\t\t__lockup_detector_reconfigure\n\t\t\t\tP(cpu_hotplug_lock.read)\n\t\t\t\tput sscs.work into system_wq\n256 + n + 1(sscs.work)\nsscs.work wait to be executed\n\t\t\t\twarting sscs.work finish\n\t\t\t\t\t\t\t\tpercpu_down_write\n\t\t\t\t\t\t\t\tP(cpu_hotplug_lock.write)\n\t\t\t\t\t\t\t\t...blocking...\n\t\t\t\t\t\t\t\t\t\t\tcss_killed_work_fn\n\t\t\t\t\t\t\t\t\t\t\tP(cgroup_mutex)\n\t\t\t\t\t\t\t\t\t\t\tcpuset_css_offline\n\t\t\t\t\t\t\t\t\t\t\tP(cpu_hotplug_lock.read)\n\t\t\t\t\t\t\t\t\t\t\t...blocking...\n256 cgroup_bpf_release\nmutex_lock(\u0026cgroup_mutex);\n..blocking...\n\nTo fix the problem, place cgroup_bpf_release works on a dedicated\nworkqueue which can break the loop and solve the problem. System wqs are\nfor misc things which shouldn\u0027t create a large number of concurrent work\nitems. If something is going to generate \u003e\n---truncated---",
  "id": "GHSA-mm63-c923-gw6c",
  "modified": "2024-11-22T21:32:13Z",
  "published": "2024-11-19T18:31:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53054"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0d86cd70fc6a7ba18becb52ad8334d5ad3eca530"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/117932eea99b729ee5d12783601a4f7f5fd58a23"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6dab3331523ba73db1345d19e6f586dcd5f6efb4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/71f14a9f5c7db72fdbc56e667d4ed42a1a760494"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2024-53054

Vulnerability from fkie_nvd - Published: 2024-11-19 18:15 - Updated: 2024-11-28 17:15

Severity ?

Summary

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

References

	URL	Tags

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
    }
  ],
  "id": "CVE-2024-53054",
  "lastModified": "2024-11-28T17:15:48.820",
  "metrics": {},
  "published": "2024-11-19T18:15:25.500",
  "references": [],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Rejected"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-53054 (GCVE-0-2024-53054)

CERTFR-2024-AVI-1031

Solutions

GHSA-MM63-C923-GW6C

FKIE_CVE-2024-53054

Tags

Sightings

Nomenclature