In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered with the following blk_mq_get_driver_tag() in case of getting driver tag failure. Then in __sbitmap_queue_wake_up(), waitqueue_active() may not observe the added waiter in blk_mq_mark_tag_wait() and wake up nothing, meantime blk_mq_mark_tag_wait() can't get driver tag successfully. This issue can be reproduced by running the following test in loop, and fio hang can be observed in < 30min when running it on my test VM in laptop. modprobe -r scsi_debug modprobe scsi_debug delay=0 dev_size_mb=4096 max_queue=1 host_max_queue=1 submit_queues=4 dev=`ls -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*/block/* | head -1 | xargs basename` fio --filename=/dev/"$dev" --direct=1 --rw=randrw --bs=4k --iodepth=1 \ --runtime=100 --numjobs=40 --time_based --name=test \ --ioengine=libaio Fix the issue by adding one explicit barrier in blk_mq_mark_tag_wait(), which is just fine in case of running out of tag.
History

Wed, 27 Nov 2024 02:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:rhel_eus:8.8

Fri, 22 Nov 2024 16:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel E4s
CPEs cpe:/a:redhat:rhel_e4s:9.0
cpe:/a:redhat:rhel_e4s:9.0::nfv
Vendors & Products Redhat rhel E4s

Fri, 22 Nov 2024 12:00:00 +0000


Tue, 05 Nov 2024 10:45:00 +0000


Tue, 05 Nov 2024 10:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 30 Oct 2024 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Eus
CPEs cpe:/a:redhat:rhel_eus:9.2
cpe:/a:redhat:rhel_eus:9.2::nfv
Vendors & Products Redhat rhel Eus

Wed, 16 Oct 2024 02:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:enterprise_linux:9
cpe:/o:redhat:enterprise_linux:9

Wed, 11 Sep 2024 18:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 11 Sep 2024 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-04-02T06:49:13.834Z

Updated: 2024-12-19T08:44:43.309Z

Reserved: 2024-02-19T14:20:24.150Z

Link: CVE-2024-26671

cve-icon Vulnrichment

Updated: 2024-08-02T00:14:12.464Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-04-02T07:15:43.830

Modified: 2024-11-21T09:02:48.720

Link: CVE-2024-26671

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-04-02T00:00:00Z

Links: CVE-2024-26671 - Bugzilla