cve/2024/CVE-2024-27009.md

### [CVE-2024-27009](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27009)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=2297791c92d0%3C%203076b3c38a70%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

In the Linux kernel, the following vulnerability has been resolved:s390/cio: fix race condition during online processingA race condition exists in ccw_device_set_online() that can cause theonline process to fail, leaving the affected device in an inconsistentstate. As a result, subsequent attempts to set that device online failwith return code ENODEV.The problem occurs when a path verification request arrives aftera wait for final device state completed, but before the result stateis evaluated.Fix this by ensuring that the CCW-device lock is held betweendetermining final state and checking result state.Note that since:commit 2297791c92d0 ("s390/cio: dont unregister subchannel from child-drivers")path verification requests are much more likely to occur during boot,resulting in an increased chance of this race condition occurring.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2024-27009](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27009)`
			`![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=2297791c92d0%3C%203076b3c38a70%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			In the Linux kernel, the following vulnerability has been resolved:s390/cio: fix race condition during online processingA race condition exists in ccw_device_set_online() that can cause theonline process to fail, leaving the affected device in an inconsistentstate. As a result, subsequent attempts to set that device online failwith return code ENODEV.The problem occurs when a path verification request arrives aftera wait for final device state completed, but before the result stateis evaluated.Fix this by ensuring that the CCW-device lock is held betweendetermining final state and checking result state.Note that since:commit 2297791c92d0 ("s390/cio: dont unregister subchannel from child-drivers")path verification requests are much more likely to occur during boot,resulting in an increased chance of this race condition occurring.

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/fkie-cad/nvd-json-data-feeds`