CVE-2024-39476Improper Locking in Linux

CWE-667Improper LockingCWE-833Deadlock7 documents7 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 93.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
11
LinuxLinux KernelDebian Linux+8 more
Timeline
PublishedJul 5
Latest updateAug 14

Description

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING Xiao reported that lvm2 test lvconvert-raid-takeover.sh can hang with small possibility, the root cause is exactly the same as commit bed9e27baf52 ("Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"") However, Dan reported another hang after that, and junxiao investigated the problem and found out that this is caused by plugged bio can

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages12 packages

NVDlinux/linux_kernel4.194.19.316+6
Debianlinux/linux_kernel< 5.10.221-1+3
CVEListV5linux/linuxf3d55bd5b7b928ad82f8075d89c908702f3593abb32aa95843cac6b12c2c014d40fca18aef24a347+11

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-wx95-q6gv-qpp4: In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDIN2024-07-05
OSV
CVE-2024-39476: In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING2024-07-05

📋Vendor Advisories

4
CISA ICS
Siemens SINEC OS2025-08-14
Microsoft
md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING2024-07-09
Red Hat
kernel: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING2024-07-05
Debian
CVE-2024-39476: linux - In the Linux kernel, the following vulnerability has been resolved: md/raid5: f...2024