CVE-2024-35974
- Source
- https://cve.org/CVERecord?id=CVE-2024-35974
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-35974.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-35974
- Downstream
- Related
- Published
- 2024-05-20T09:42:01.114Z
- Modified
- 2026-03-14T12:34:06.006808Z
- Summary
- block: fix q->blkg_list corruption during disk rebind
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
block: fix q->blkg_list corruption during disk rebind
Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q->blkglist when calling blkcginitdisk() for rebind, then q->blkglist becomes corrupted.
Fix the list corruption issue by:
- add blkginitqueue() to initialize q->blkglist & q->blkcgmutex only
- move calling blkginitqueue() into blkallocqueue()
The list corruption should be started since commit f1c006f1c685 ("blk-cgroup: synchronize pdfreefn() from blkgfreeworkfn() and blkcgdeactivatepolicy()") which delays removing blkg from q->blkglist into blkgfree_workfn().
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/35xxx/CVE-2024-35974.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/083b58373463a6e5ee60ecb135269348f68ad7df
- https://git.kernel.org/stable/c/740ffad95ca8033bd6e080ed337655b13b4d38ac
- https://git.kernel.org/stable/c/858c489d81d659af17a4d11cfaad2afb42e47a76
- https://git.kernel.org/stable/c/8b8ace080319a866f5dfe9da8e665ae51d971c54
- https://git.kernel.org/stable/c/b5dae1cd0d8368b4338430ff93403df67f0b8bcc
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/35xxx/CVE-2024-35974.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-35974
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced81c1188905f88b77743d1fdeeedfc8cb7b67787dFixedb5dae1cd0d8368b4338430ff93403df67f0b8bcc
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedbfe46d2efe46c5c952f982e2ca94fe2ec5e58e2aFixed083b58373463a6e5ee60ecb135269348f68ad7df
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1059699f87eb0b3aa9d574b91a572d534897134aFixed740ffad95ca8033bd6e080ed337655b13b4d38acFixed858c489d81d659af17a4d11cfaad2afb42e47a76Fixed8b8ace080319a866f5dfe9da8e665ae51d971c54