1.8 KiB
CVE-2024-26899
Description
In the Linux kernel, the following vulnerability has been resolved:block: fix deadlock between bd_link_disk_holder and partition scan'open_mutex' of gendisk is used to protect open/close block devices. Butin bd_link_disk_holder(), it is used to protect the creation of symlinkbetween holding disk and slave bdev, which introduces some issues.When bd_link_disk_holder() is called, the driver is usually in the processof initialization/modification and may suspend submitting io. At thistime, any io hold 'open_mutex', such as scanning partitions, can causedeadlocks. For example, in raid:T1 T2bdev_open_by_dev lock open_mutex [1] ... efi_partition ... md_submit_bio md_ioctl mddev_syspend -> suspend all io md_add_new_disk bind_rdev_to_array bd_link_disk_holder try lock open_mutex [2] md_handle_request -> wait mddev_resumeT1 scan partition, T2 add a new device to raid. T1 waits for T2 to resumemddev, but T2 waits for open_mutex held by T1. Deadlock occurs.Fix it by introducing a local mutex 'blk_holder_mutex' to replace'open_mutex'.
POC
Reference
Github
No PoCs found on GitHub currently.