CVE-2024-35793
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-35793
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-35793.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-35793
- Downstream
- Published
- 2024-05-17T12:24:56Z
- Modified
- 2025-10-15T10:24:37.383558Z
- Summary
- debugfs: fix wait/cancellation handling during remove
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
debugfs: fix wait/cancellation handling during remove
Ben Greear further reports deadlocks during concurrent debugfs remove while files are being accessed, even though the code in question now uses debugfs cancellations. Turns out that despite all the review on the locking, we missed completely that the logic is wrong: if the refcount hits zero we can finish (and need not wait for the completion), but if it doesn't we have to trigger all the cancellations. As written, we can never get into the loop triggering the cancellations. Fix this, and explain it better while at it.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8c88a474357ead632b07c70bf7f119ace8c3b39eFixede88b5ae01901c4a655a53158397746334778a57b
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8c88a474357ead632b07c70bf7f119ace8c3b39eFixed3d08cca5fd0aabb62b7015067ab40913b33da906
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8c88a474357ead632b07c70bf7f119ace8c3b39eFixed952c3fce297f12c7ff59380adb66b564e2bc9b64
Affected versions
v6.*
v6.6
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.1
v6.7.10
v6.7.11
v6.7.2
v6.7.3
v6.7.4
v6.7.5
v6.7.6
v6.7.7
v6.7.8
v6.7.9
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.2
Database specific
{
"vanir_signatures": [
{
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "fs/debugfs/inode.c",
"function": "__debugfs_file_removed"
},
"id": "CVE-2024-35793-058d2778",
"digest": {
"length": 642.0,
"function_hash": "66293385639760594758688015004960150132"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e88b5ae01901c4a655a53158397746334778a57b"
},
{
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "fs/debugfs/inode.c"
},
"id": "CVE-2024-35793-6c344179",
"digest": {
"line_hashes": [
"223281301804050658783129851484012267347",
"241061468567939552369688013334980845740",
"2749785092049922200173066757550014483",
"336173135200937715625521126188312955810",
"311678553293049501678999953035998647028",
"117003139145337471245504861936534247447",
"123475824034474853772298102842349890722"
],
"threshold": 0.9
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@952c3fce297f12c7ff59380adb66b564e2bc9b64"
},
{
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "fs/debugfs/inode.c",
"function": "__debugfs_file_removed"
},
"id": "CVE-2024-35793-959281a6",
"digest": {
"length": 642.0,
"function_hash": "66293385639760594758688015004960150132"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@952c3fce297f12c7ff59380adb66b564e2bc9b64"
},
{
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "fs/debugfs/inode.c",
"function": "__debugfs_file_removed"
},
"id": "CVE-2024-35793-aae79884",
"digest": {
"length": 642.0,
"function_hash": "66293385639760594758688015004960150132"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3d08cca5fd0aabb62b7015067ab40913b33da906"
},
{
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "fs/debugfs/inode.c"
},
"id": "CVE-2024-35793-b9798d3d",
"digest": {
"line_hashes": [
"223281301804050658783129851484012267347",
"241061468567939552369688013334980845740",
"2749785092049922200173066757550014483",
"336173135200937715625521126188312955810",
"311678553293049501678999953035998647028",
"117003139145337471245504861936534247447",
"123475824034474853772298102842349890722"
],
"threshold": 0.9
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3d08cca5fd0aabb62b7015067ab40913b33da906"
},
{
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "fs/debugfs/inode.c"
},
"id": "CVE-2024-35793-df2d5a22",
"digest": {
"line_hashes": [
"223281301804050658783129851484012267347",
"241061468567939552369688013334980845740",
"2749785092049922200173066757550014483",
"336173135200937715625521126188312955810",
"311678553293049501678999953035998647028",
"117003139145337471245504861936534247447",
"123475824034474853772298102842349890722"
],
"threshold": 0.9
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e88b5ae01901c4a655a53158397746334778a57b"
}
]
}