In the Linux kernel, the following vulnerability has been resolved:
nfs_common: must not hold RCU while calling nfsd_file_put_local
Move holding the RCU from nfs_to_nfsd_file_put_local to nfs_to_nfsd_net_put. It is the call to nfs_to->nfsd_serv_put that requires the RCU anyway (the puts for nfsd_file and netns were combined to avoid an extra indirect reference but that micro-optimization isn't possible now).
This fixes xfstests generic/013 and it triggering:
"Voluntary context switch within RCU read-side critical section!"
[ 143.545738] Call Trace:
[ 143.546206] <TASK>
[ 143.546625] ? show_regs+0x6d/0x80
[ 143.547267] ? __warn+0x91/0x140
[ 143.547951] ? rcu_note_context_switch+0x496/0x5d0
[ 143.548856] ? report_bug+0x193/0x1a0
[ 143.549557] ? handle_bug+0x63/0xa0
[ 143.550214] ? exc_invalid_op+0x1d/0x80
[ 143.550938] ? asm_exc_invalid_op+0x1f/0x30
[ 143.551736] ? rcu_note_context_switch+0x496/0x5d0
[ 143.552634] ? wakeup_preempt+0x62/0x70
[ 143.553358] __schedule+0xaa/0x1380
[ 143.554025] ? _raw_spin_unlock_irqrestore+0x12/0x40
[ 143.554958] ? try_to_wake_up+0x1fe/0x6b0
[ 143.555715] ? wake_up_process+0x19/0x20
[ 143.556452] schedule+0x2e/0x120
[ 143.557066] schedule_preempt_disabled+0x19/0x30
[ 143.557933] rwsem_down_read_slowpath+0x24d/0x4a0
[ 143.558818] ? xfs_efi_item_format+0x50/0xc0 [xfs]
[ 143.559894] down_read+0x4e/0xb0
[ 143.560519] xlog_cil_commit+0x1b2/0xbc0 [xfs]
[ 143.561460] ? _raw_spin_unlock+0x12/0x30
[ 143.562212] ? xfs_inode_item_precommit+0xc7/0x220 [xfs]
[ 143.563309] ? xfs_trans_run_precommits+0x69/0xd0 [xfs]
[ 143.564394] __xfs_trans_commit+0xb5/0x330 [xfs]
[ 143.565367] xfs_trans_roll+0x48/0xc0 [xfs]
[ 143.566262] xfs_defer_trans_roll+0x57/0x100 [xfs]
[ 143.567278] xfs_defer_finish_noroll+0x27a/0x490 [xfs]
[ 143.568342] xfs_defer_finish+0x1a/0x80 [xfs]
[ 143.569267] xfs_bunmapi_range+0x4d/0xb0 [xfs]
[ 143.570208] xfs_itruncate_extents_flags+0x13d/0x230 [xfs]
[ 143.571353] xfs_free_eofblocks+0x12e/0x190 [xfs]
[ 143.572359] xfs_file_release+0x12d/0x140 [xfs]
[ 143.573324] __fput+0xe8/0x2d0
[ 143.573922] __fput_sync+0x1d/0x30
[ 143.574574] nfsd_filp_close+0x33/0x60 [nfsd]
[ 143.575430] nfsd_file_free+0x96/0x150 [nfsd]
[ 143.576274] nfsd_file_put+0xf7/0x1a0 [nfsd]
[ 143.577104] nfsd_file_put_local+0x18/0x30 [nfsd]
[ 143.578070] nfs_close_local_fh+0x101/0x110 [nfs_localio]
[ 143.579079] __put_nfs_open_context+0xc9/0x180 [nfs]
[ 143.580031] nfs_file_clear_open_context+0x4a/0x60 [nfs]
[ 143.581038] nfs_file_release+0x3e/0x60 [nfs]
[ 143.581879] __fput+0xe8/0x2d0
[ 143.582464] __fput_sync+0x1d/0x30
[ 143.583108] __x64_sys_close+0x41/0x80
[ 143.583823] x64_sys_call+0x189a/0x20d0
[ 143.584552] do_syscall_64+0x64/0x170
[ 143.585240] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 143.586185] RIP: 0033:0x7f3c5153efd7
[
{
"target": {
"file": "fs/nfsd/filecache.h"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"306113461732480910674681253194310220530",
"66880715032267815541086575393189961995",
"199196158744821896742439547216632802502",
"3210935556737471973273247364606164967"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3e6e3e97d64f50d9b6b1d62274f08925b1adbfc2",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2024-56743-03a2a068"
},
{
"target": {
"file": "include/linux/nfslocalio.h"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"128845140829197873899731148476483832992",
"243818284679346594855098510066842609100",
"199955173261895087010435297390780380799",
"57529319901777502242384134929398072685",
"233436333424150336068092692503506243863",
"38545965815146591601128003380556358482",
"287148825411473846518209306675239626186",
"110064496914306090425184610612947747195",
"171848832006150277025831449603605303809",
"25054754671101433691447341233993508142",
"202904325797143421857705668281994448245",
"298635544756007165579166149373533006274",
"108128528199620347565406611358081864138"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c840b8e1f039e90f97ca55525667eb961422f86c",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2024-56743-071c1cd8"
},
{
"target": {
"function": "__must_hold",
"file": "fs/nfsd/filecache.c"
},
"signature_version": "v1",
"digest": {
"length": 88.0,
"function_hash": "36135969231708352761397406144551964166"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3e6e3e97d64f50d9b6b1d62274f08925b1adbfc2",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2024-56743-18615f7d"
},
{
"target": {
"file": "fs/nfsd/filecache.c"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"208113172606563012027516415520593265987",
"140785663188929515086936391943848019457",
"283040279000186917542847284246067169332",
"214659318316187135522111141019078835468",
"33732905609353059004990745802917618880",
"249542004969339892444512914425630291078",
"318798259002470359127057518875871328055",
"167377811054646527289270268147788135971",
"162110647538644252733988629641145010702"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c840b8e1f039e90f97ca55525667eb961422f86c",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2024-56743-3c7152ba"
},
{
"target": {
"file": "fs/nfsd/filecache.c"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"208113172606563012027516415520593265987",
"140785663188929515086936391943848019457",
"283040279000186917542847284246067169332",
"214659318316187135522111141019078835468",
"33732905609353059004990745802917618880",
"249542004969339892444512914425630291078",
"318798259002470359127057518875871328055",
"167377811054646527289270268147788135971",
"162110647538644252733988629641145010702"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3e6e3e97d64f50d9b6b1d62274f08925b1adbfc2",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2024-56743-45028aff"
},
{
"target": {
"file": "fs/nfs_common/nfslocalio.c"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"9207507189459848886991570322837267298",
"258994372341363200126303800039420454803",
"32215603729172810654427697873029009874",
"332279926860803418814527421026204105780",
"221919451573041183245483624951108207519",
"230610613170610130547169317618837574907",
"265325227275906996629045511923205671352",
"253232792911348976793830212576734957540"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3e6e3e97d64f50d9b6b1d62274f08925b1adbfc2",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2024-56743-5d9b510f"
},
{
"target": {
"function": "nfs_to_nfsd_file_put_local",
"file": "include/linux/nfslocalio.h"
},
"signature_version": "v1",
"digest": {
"length": 122.0,
"function_hash": "305047387258249786184449960883875259808"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3e6e3e97d64f50d9b6b1d62274f08925b1adbfc2",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2024-56743-848bc9d3"
},
{
"target": {
"function": "nfs_open_local_fh",
"file": "fs/nfs_common/nfslocalio.c"
},
"signature_version": "v1",
"digest": {
"length": 510.0,
"function_hash": "94914262692204188035961302466731221537"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3e6e3e97d64f50d9b6b1d62274f08925b1adbfc2",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2024-56743-aca2a01f"
},
{
"target": {
"file": "include/linux/nfslocalio.h"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"128845140829197873899731148476483832992",
"243818284679346594855098510066842609100",
"199955173261895087010435297390780380799",
"57529319901777502242384134929398072685",
"233436333424150336068092692503506243863",
"38545965815146591601128003380556358482",
"287148825411473846518209306675239626186",
"110064496914306090425184610612947747195",
"171848832006150277025831449603605303809",
"25054754671101433691447341233993508142",
"202904325797143421857705668281994448245",
"298635544756007165579166149373533006274",
"108128528199620347565406611358081864138"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3e6e3e97d64f50d9b6b1d62274f08925b1adbfc2",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2024-56743-b4caa22f"
},
{
"target": {
"function": "__must_hold",
"file": "fs/nfsd/filecache.c"
},
"signature_version": "v1",
"digest": {
"length": 88.0,
"function_hash": "36135969231708352761397406144551964166"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c840b8e1f039e90f97ca55525667eb961422f86c",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2024-56743-b68994de"
},
{
"target": {
"function": "nfs_open_local_fh",
"file": "fs/nfs_common/nfslocalio.c"
},
"signature_version": "v1",
"digest": {
"length": 510.0,
"function_hash": "94914262692204188035961302466731221537"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c840b8e1f039e90f97ca55525667eb961422f86c",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2024-56743-c5f393bb"
},
{
"target": {
"file": "fs/nfsd/filecache.h"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"306113461732480910674681253194310220530",
"66880715032267815541086575393189961995",
"199196158744821896742439547216632802502",
"3210935556737471973273247364606164967"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c840b8e1f039e90f97ca55525667eb961422f86c",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2024-56743-dc10f057"
},
{
"target": {
"file": "fs/nfs_common/nfslocalio.c"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"9207507189459848886991570322837267298",
"258994372341363200126303800039420454803",
"32215603729172810654427697873029009874",
"332279926860803418814527421026204105780",
"221919451573041183245483624951108207519",
"230610613170610130547169317618837574907",
"265325227275906996629045511923205671352",
"253232792911348976793830212576734957540"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c840b8e1f039e90f97ca55525667eb961422f86c",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2024-56743-e663a4d1"
},
{
"target": {
"function": "nfs_to_nfsd_file_put_local",
"file": "include/linux/nfslocalio.h"
},
"signature_version": "v1",
"digest": {
"length": 122.0,
"function_hash": "305047387258249786184449960883875259808"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c840b8e1f039e90f97ca55525667eb961422f86c",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2024-56743-f2acad67"
}
]