CVE-2024-36924

Published: May 30, 2024Modified: Jan 10, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() lpfc_worker_wake_up() calls the lpfc_work_done() routine, which takes the hbalock. Thus, lpfc_worker_wake_up() should not be called while holding the hbalock to avoid potential deadlock.

Affected (4)

Products: Linux: Linux Kernel

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 6.1.91
Linux Linux Kernel	From 6.2 to 6.6.31
Linux Linux Kernel	From 6.7 to 6.8.10
Linux Linux Kernel	Version 6.9 rc1

Related CWEs

Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

References (8)

https://git.kernel.org/stable/c/6503c39398506cadda9f4c81695a9655ca5fb4fd

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/ded20192dff31c91cef2a04f7e20e60e9bb887d3

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/e8bf2c05e8ad68e90f9d5889a9e4ef3f6fe00683

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/ee833d7e62de2b84ed1332d501b67f12e7e5678f

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/6503c39398506cadda9f4c81695a9655ca5fb4fd

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/ded20192dff31c91cef2a04f7e20e60e9bb887d3

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/e8bf2c05e8ad68e90f9d5889a9e4ef3f6fe00683

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/ee833d7e62de2b84ed1332d501b67f12e7e5678f

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.