CVE-2024-26671 — Race Condition in Linux

CWE-362 — Race Condition39 documents9 sources

Severity

4.7MEDIUMNVD

OSV7.5OSV6.5OSV5.5

EPSS

0.0%

top 99.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +3 more

Timeline

PublishedApr 2

Latest updateAug 14

Description

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered with the following blk_mq_get_driver_tag() in case of getting driver tag failure. Then in __sbitmap_queue_wake_up(), waitqueue_active() may not observe the added waiter in blk_mq_mark_tag_wait() and wake up nothing, meantime blk_mq_mark_tag_wait() can't get driver tag successfully. This issue can be reproduced by runn…

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages7 packages

▶NVDlinux/linux_kernel4.20 — 5.4.269+5

▶Debianlinux/linux_kernel< 5.10.216-1+3

▶Ubuntulinux/linux_kernel< 5.4.0-181.201+1

▶msrcmsrc/azl3_kernel_6.6.82.1-1_on_azure_linux_3.0

▶msrcmsrc/azl3_kernel_6.6.92.2-1_on_azure_linux_3.0

Also affects: Debian Linux 10.0

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

OSV

linux-oracle-6.5 vulnerabilities↗2024-06-26

▶

OSV

linux-hwe-6.5 vulnerabilities↗2024-06-18

▶

OSV

linux-nvidia-6.5 vulnerabilities↗2024-06-14

▶

OSV

linux-oem-6.5 vulnerabilities↗2024-06-12

▶

OSV

linux-intel-iotg-5.15 vulnerabilities↗2024-06-11

▶

📋Vendor Advisories

CISA ICS

Siemens SINEC OS↗2025-08-14

▶

Ubuntu

Linux kernel (Oracle) vulnerabilities↗2024-06-26

▶

Ubuntu

Linux kernel (HWE) vulnerabilities↗2024-06-18

▶

Ubuntu

Linux kernel (NVIDIA) vulnerabilities↗2024-06-14

▶

Ubuntu

Linux kernel (OEM) vulnerabilities↗2024-06-12

▶

💬Community

Bugzilla

CVE-2024-26671 kernel: blk-mq: fix IO hang from sbitmap wakeup race↗2024-04-02

▶