CVE-2024-36882
Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 30/05/2024
Last modified: 10/01/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

mm: use memalloc_nofs_save() in page_cache_ra_order()

See commit f2c817bed58d ("mm: use memalloc_nofs_save in readahead path"),
ensure that page_cache_ra_order() does not attempt to reclaim file-backed
pages too, or it leads to a deadlock. The issue was found when testing ext4
large folio.

INFO: task DataXceiver for:7494 blocked for more than 120 seconds.
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:DataXceiver for state:D stack:0 pid:7494 ppid:1 flags:0x00000200
Call trace:
__switch_to+0x14c/0x240
__schedule+0x82c/0xdd0
schedule+0x58/0xf0
io_schedule+0x24/0xa0
__folio_lock+0x130/0x300
migrate_pages_batch+0x378/0x918
migrate_pages+0x350/0x700
compact_zone+0x63c/0xb38
compact_zone_order+0xc0/0x118
try_to_compact_pages+0xb0/0x280
__alloc_pages_direct_compact+0x98/0x248
__alloc_pages+0x510/0x1110
alloc_pages+0x9c/0x130
folio_alloc+0x20/0x78
filemap_alloc_folio+0x8c/0x1b0
page_cache_ra_order+0x174/0x308
ondemand_readahead+0x1c8/0x2b8
page_cache_async_ra+0x68/0xb8
filemap_readahead.isra.0+0x64/0xa8
filemap_get_pages+0x3fc/0x5b0
filemap_splice_read+0xf4/0x280
ext4_file_splice_read+0x2c/0x48 [ext4]
vfs_splice_read.part.0+0xa8/0x118
splice_direct_to_actor+0xbc/0x288
do_splice_direct+0x9c/0x108
do_sendfile+0x328/0x468
__arm64_sys_sendfile64+0x8c/0x148
invoke_syscall+0x4c/0x118
el0_svc_common.constprop.0+0xc8/0xf0
do_el0_svc+0x24/0x38
el0_svc+0x4c/0x1f8
el0t_64_sync_handler+0xc0/0xc8
el0t_64_sync+0x188/0x190
Impact
Base Score 3.x: 5.50
Severity 3.x: MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.18 (including) | 6.1.91 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.31 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.8.10 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.9:rc6:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.9:rc7:*:*:*:*:*:* | | |
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/30153e4466647a17eebfced13eede5cbe4290e69
- https://git.kernel.org/stable/c/468971c3f4b8187f25334503b68050a0e1370147
- https://git.kernel.org/stable/c/7629ef6dda1564098aadeef38e5fbd11ee8627c4
- https://git.kernel.org/stable/c/cf6a1d16c6df3c30b03f0c6a92a2ba7f86dffb45



