cvelistv5 - CVE-2024-56780

CVE-2024-56780

Vulnerability from cvelistv5

Published

2025-01-08 17:49

Modified

2025-01-20 06:28

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: quota: flush quota_release_work upon quota writeback One of the paths quota writeback is called from is: freeze_super() sync_filesystem() ext4_sync_fs() dquot_writeback_dquots() Since we currently don't always flush the quota_release_work queue in this path, we can end up with the following race: 1. dquot are added to releasing_dquots list during regular operations. 2. FS Freeze starts, however, this does not flush the quota_release_work queue. 3. Freeze completes. 4. Kernel eventually tries to flush the workqueue while FS is frozen which hits a WARN_ON since transaction gets started during frozen state: ext4_journal_check_start+0x28/0x110 [ext4] (unreliable) __ext4_journal_start_sb+0x64/0x1c0 [ext4] ext4_release_dquot+0x90/0x1d0 [ext4] quota_release_workfn+0x43c/0x4d0 Which is the following line: WARN_ON(sb->s_writers.frozen == SB_FREEZE_COMPLETE); Which ultimately results in generic/390 failing due to dmesg noise. This was detected on powerpc machine 15 cores. To avoid this, make sure to flush the workqueue during dquot_writeback_dquots() so we dont have any pending workitems after freeze.

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/3e6ff207cd5bd924ad94cd1a7c633bcdac0ba1cb	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/6f3821acd7c3143145999248087de5fb4b48cf26	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/8ea87e34792258825d290f4dc5216276e91cb224	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/a5abba5e0e586e258ded3e798fe5f69c66fec198	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ab6cfcf8ed2c7496f55d020b65b1d8cd55d9a2cb	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ac6f420291b3fee1113f21d612fa88b628afab5b	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/bcacb52a985f1b6d280f698a470b873dfe52728a	Patch

Impacted products

Vendor

Product

Version

▼

Linux

Version: d40c192e119892799dd4ddf94f5cea6fa93775ef
Version: 86d89987f0998c98f57d641e308b40452a994045
Version: 89602de9a2d7080b7a4029d5c1bf8f78d295ff5f
Version: 3027e200dd58d5b437f16634dbbd355b29ffe0a6
Version: dabc8b20756601b9e1cc85a81d47d3f98ed4d13a
Version: dabc8b20756601b9e1cc85a81d47d3f98ed4d13a
Version: dabc8b20756601b9e1cc85a81d47d3f98ed4d13a

Linux

Version: 6.6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/quota/dquot.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a5abba5e0e586e258ded3e798fe5f69c66fec198",
              "status": "affected",
              "version": "d40c192e119892799dd4ddf94f5cea6fa93775ef",
              "versionType": "git"
            },
            {
              "lessThan": "6f3821acd7c3143145999248087de5fb4b48cf26",
              "status": "affected",
              "version": "86d89987f0998c98f57d641e308b40452a994045",
              "versionType": "git"
            },
            {
              "lessThan": "ab6cfcf8ed2c7496f55d020b65b1d8cd55d9a2cb",
              "status": "affected",
              "version": "89602de9a2d7080b7a4029d5c1bf8f78d295ff5f",
              "versionType": "git"
            },
            {
              "lessThan": "3e6ff207cd5bd924ad94cd1a7c633bcdac0ba1cb",
              "status": "affected",
              "version": "3027e200dd58d5b437f16634dbbd355b29ffe0a6",
              "versionType": "git"
            },
            {
              "lessThan": "bcacb52a985f1b6d280f698a470b873dfe52728a",
              "status": "affected",
              "version": "dabc8b20756601b9e1cc85a81d47d3f98ed4d13a",
              "versionType": "git"
            },
            {
              "lessThan": "8ea87e34792258825d290f4dc5216276e91cb224",
              "status": "affected",
              "version": "dabc8b20756601b9e1cc85a81d47d3f98ed4d13a",
              "versionType": "git"
            },
            {
              "lessThan": "ac6f420291b3fee1113f21d612fa88b628afab5b",
              "status": "affected",
              "version": "dabc8b20756601b9e1cc85a81d47d3f98ed4d13a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/quota/dquot.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.6"
            },
            {
              "lessThan": "6.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.287",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.231",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.174",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.120",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nquota: flush quota_release_work upon quota writeback\n\nOne of the paths quota writeback is called from is:\n\nfreeze_super()\n  sync_filesystem()\n    ext4_sync_fs()\n      dquot_writeback_dquots()\n\nSince we currently don\u0027t always flush the quota_release_work queue in\nthis path, we can end up with the following race:\n\n 1. dquot are added to releasing_dquots list during regular operations.\n 2. FS Freeze starts, however, this does not flush the quota_release_work queue.\n 3. Freeze completes.\n 4. Kernel eventually tries to flush the workqueue while FS is frozen which\n    hits a WARN_ON since transaction gets started during frozen state:\n\n  ext4_journal_check_start+0x28/0x110 [ext4] (unreliable)\n  __ext4_journal_start_sb+0x64/0x1c0 [ext4]\n  ext4_release_dquot+0x90/0x1d0 [ext4]\n  quota_release_workfn+0x43c/0x4d0\n\nWhich is the following line:\n\n  WARN_ON(sb-\u003es_writers.frozen == SB_FREEZE_COMPLETE);\n\nWhich ultimately results in generic/390 failing due to dmesg\nnoise. This was detected on powerpc machine 15 cores.\n\nTo avoid this, make sure to flush the workqueue during\ndquot_writeback_dquots() so we dont have any pending workitems after\nfreeze."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-20T06:28:01.531Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a5abba5e0e586e258ded3e798fe5f69c66fec198"
        },
        {
          "url": "https://git.kernel.org/stable/c/6f3821acd7c3143145999248087de5fb4b48cf26"
        },
        {
          "url": "https://git.kernel.org/stable/c/ab6cfcf8ed2c7496f55d020b65b1d8cd55d9a2cb"
        },
        {
          "url": "https://git.kernel.org/stable/c/3e6ff207cd5bd924ad94cd1a7c633bcdac0ba1cb"
        },
        {
          "url": "https://git.kernel.org/stable/c/bcacb52a985f1b6d280f698a470b873dfe52728a"
        },
        {
          "url": "https://git.kernel.org/stable/c/8ea87e34792258825d290f4dc5216276e91cb224"
        },
        {
          "url": "https://git.kernel.org/stable/c/ac6f420291b3fee1113f21d612fa88b628afab5b"
        }
      ],
      "title": "quota: flush quota_release_work upon quota writeback",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-56780",
    "datePublished": "2025-01-08T17:49:17.889Z",
    "dateReserved": "2024-12-29T11:26:39.768Z",
    "dateUpdated": "2025-01-20T06:28:01.531Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-56780\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-01-08T18:15:18.910\",\"lastModified\":\"2025-01-09T21:50:02.050\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nquota: flush quota_release_work upon quota writeback\\n\\nOne of the paths quota writeback is called from is:\\n\\nfreeze_super()\\n  sync_filesystem()\\n    ext4_sync_fs()\\n      dquot_writeback_dquots()\\n\\nSince we currently don\u0027t always flush the quota_release_work queue in\\nthis path, we can end up with the following race:\\n\\n 1. dquot are added to releasing_dquots list during regular operations.\\n 2. FS Freeze starts, however, this does not flush the quota_release_work queue.\\n 3. Freeze completes.\\n 4. Kernel eventually tries to flush the workqueue while FS is frozen which\\n    hits a WARN_ON since transaction gets started during frozen state:\\n\\n  ext4_journal_check_start+0x28/0x110 [ext4] (unreliable)\\n  __ext4_journal_start_sb+0x64/0x1c0 [ext4]\\n  ext4_release_dquot+0x90/0x1d0 [ext4]\\n  quota_release_workfn+0x43c/0x4d0\\n\\nWhich is the following line:\\n\\n  WARN_ON(sb-\u003es_writers.frozen == SB_FREEZE_COMPLETE);\\n\\nWhich ultimately results in generic/390 failing due to dmesg\\nnoise. This was detected on powerpc machine 15 cores.\\n\\nTo avoid this, make sure to flush the workqueue during\\ndquot_writeback_dquots() so we dont have any pending workitems after\\nfreeze.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: quota: vaciar quota_release_work al reescribir la cuota Una de las rutas desde las que se llama a la reescritura de cuota es: freeze_super() sync_filesystem() ext4_sync_fs() dquot_writeback_dquots() Dado que actualmente no siempre vaciamos la cola quota_release_work en esta ruta, podemos terminar con la siguiente carrera: 1. dquot se agregan a la lista release_dquots durante las operaciones regulares. 2. FS Freeze comienza, sin embargo, esto no vac\u00eda la cola quota_release_work. 3. Freeze se completa. 4. El kernel finalmente intenta vaciar la cola de trabajo mientras FS est\u00e1 congelado, lo que genera un WARN_ON ya que la transacci\u00f3n se inicia durante el estado congelado: ext4_journal_check_start+0x28/0x110 [ext4] (no confiable) __ext4_journal_start_sb+0x64/0x1c0 [ext4] ext4_release_dquot+0x90/0x1d0 [ext4] quota_release_workfn+0x43c/0x4d0 Que es la siguiente l\u00ednea: WARN_ON(sb-\u0026gt;s_writers.frozen == SB_FREEZE_COMPLETE); Lo que finalmente da como resultado que generic/390 falle debido al ruido de dmesg. Esto se detect\u00f3 en una m\u00e1quina PowerPC de 15 n\u00facleos. Para evitar esto, aseg\u00farese de vaciar la cola de trabajo durante dquot_writeback_dquots() para que no tengamos ning\u00fan elemento de trabajo pendiente despu\u00e9s del congelamiento.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.19.295\",\"versionEndExcluding\":\"4.20\",\"matchCriteriaId\":\"17432972-1EC7-4C0A-9A09-36F90BE8963A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.4.257\",\"versionEndExcluding\":\"5.4.287\",\"matchCriteriaId\":\"95D33EF5-7C1B-4CC4-AA45-A372E660A8FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.10.195\",\"versionEndExcluding\":\"5.10.231\",\"matchCriteriaId\":\"22259BCA-C415-4B49-82E6-AF53F0942450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.15.132\",\"versionEndExcluding\":\"5.15.174\",\"matchCriteriaId\":\"48D64CF9-6F08-4ED9-A1A0-4BB057B44945\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1.53\",\"versionEndExcluding\":\"6.1.120\",\"matchCriteriaId\":\"4328D19A-54C2-4D2B-BBA7-D85BE5956B7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.4.16\",\"versionEndExcluding\":\"6.5\",\"matchCriteriaId\":\"A5099559-2D15-42A5-A561-71B34FEFF36F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.5.3\",\"versionEndExcluding\":\"6.6.64\",\"matchCriteriaId\":\"713AA9D9-DD05-4AE0-8B46-932A79D99EF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.4\",\"matchCriteriaId\":\"04756810-D093-4B43-B1D9-CF5035968061\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"62567B3C-6CEE-46D0-BC2E-B3717FBF7D13\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/3e6ff207cd5bd924ad94cd1a7c633bcdac0ba1cb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6f3821acd7c3143145999248087de5fb4b48cf26\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8ea87e34792258825d290f4dc5216276e91cb224\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a5abba5e0e586e258ded3e798fe5f69c66fec198\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ab6cfcf8ed2c7496f55d020b65b1d8cd55d9a2cb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ac6f420291b3fee1113f21d612fa88b628afab5b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/bcacb52a985f1b6d280f698a470b873dfe52728a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}

wid-sec-w-2025-0035

Vulnerability from csaf_certbund

Published

2025-01-08 23:00

Modified

2025-01-08 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder andere nicht spezifizierte Auswirkungen zu verursachen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder andere nicht spezifizierte Auswirkungen zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0035 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0035.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0035 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0035"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56770",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010803-CVE-2024-56770-62ce@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56771",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010808-CVE-2024-56771-3ace@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56772",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010810-CVE-2024-56772-a64d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56773",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010811-CVE-2024-56773-46a8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56774",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010811-CVE-2024-56774-e09f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56775",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010811-CVE-2024-56775-b841@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56776",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010811-CVE-2024-56776-040d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56777",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010812-CVE-2024-56777-a145@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56778",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010812-CVE-2024-56778-45a9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56779",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010812-CVE-2024-56779-74f5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56780",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010813-CVE-2024-56780-6b91@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56781",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010807-CVE-2024-56781-7b75@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56782",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010807-CVE-2024-56782-d049@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56783",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010807-CVE-2024-56783-4ed9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56784",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010807-CVE-2024-56784-b2ba@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56785",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010808-CVE-2024-56785-5a66@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56786",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010808-CVE-2024-56786-1f56@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-56787",
        "url": "https://lore.kernel.org/linux-cve-announce/2025010808-CVE-2024-56787-bd0b@gregkh/"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-01-08T23:00:00.000+00:00",
      "generator": {
        "date": "2025-01-09T11:42:11.578+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2025-0035",
      "initial_release_date": "2025-01-08T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-01-08T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T008144",
              "product_identification_helper": {
                "cpe": "cpe:/a:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-56770",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56770"
    },
    {
      "cve": "CVE-2024-56771",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56771"
    },
    {
      "cve": "CVE-2024-56772",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56772"
    },
    {
      "cve": "CVE-2024-56773",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56773"
    },
    {
      "cve": "CVE-2024-56774",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56774"
    },
    {
      "cve": "CVE-2024-56775",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56775"
    },
    {
      "cve": "CVE-2024-56776",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56776"
    },
    {
      "cve": "CVE-2024-56777",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56777"
    },
    {
      "cve": "CVE-2024-56778",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56778"
    },
    {
      "cve": "CVE-2024-56779",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56779"
    },
    {
      "cve": "CVE-2024-56780",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56780"
    },
    {
      "cve": "CVE-2024-56781",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56781"
    },
    {
      "cve": "CVE-2024-56782",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56782"
    },
    {
      "cve": "CVE-2024-56783",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56783"
    },
    {
      "cve": "CVE-2024-56784",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56784"
    },
    {
      "cve": "CVE-2024-56785",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56785"
    },
    {
      "cve": "CVE-2024-56786",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56786"
    },
    {
      "cve": "CVE-2024-56787",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service zu verursachen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-08T23:00:00.000+00:00",
      "title": "CVE-2024-56787"
    }
  ]
}

ghsa-95w3-8433-6jf6

Vulnerability from github

Published

2025-01-08 18:30

Modified

2025-01-10 00:30

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

In the Linux kernel, the following vulnerability has been resolved:

quota: flush quota_release_work upon quota writeback

One of the paths quota writeback is called from is:

freeze_super() sync_filesystem() ext4_sync_fs() dquot_writeback_dquots()

Since we currently don't always flush the quota_release_work queue in this path, we can end up with the following race:

dquot are added to releasing_dquots list during regular operations.
FS Freeze starts, however, this does not flush the quota_release_work queue.
Freeze completes.
Kernel eventually tries to flush the workqueue while FS is frozen which hits a WARN_ON since transaction gets started during frozen state:

ext4_journal_check_start+0x28/0x110 [ext4] (unreliable) __ext4_journal_start_sb+0x64/0x1c0 [ext4] ext4_release_dquot+0x90/0x1d0 [ext4] quota_release_workfn+0x43c/0x4d0

Which is the following line:

WARN_ON(sb->s_writers.frozen == SB_FREEZE_COMPLETE);

Which ultimately results in generic/390 failing due to dmesg noise. This was detected on powerpc machine 15 cores.

To avoid this, make sure to flush the workqueue during dquot_writeback_dquots() so we dont have any pending workitems after freeze.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-56780"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-08T18:15:18Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nquota: flush quota_release_work upon quota writeback\n\nOne of the paths quota writeback is called from is:\n\nfreeze_super()\n  sync_filesystem()\n    ext4_sync_fs()\n      dquot_writeback_dquots()\n\nSince we currently don\u0027t always flush the quota_release_work queue in\nthis path, we can end up with the following race:\n\n 1. dquot are added to releasing_dquots list during regular operations.\n 2. FS Freeze starts, however, this does not flush the quota_release_work queue.\n 3. Freeze completes.\n 4. Kernel eventually tries to flush the workqueue while FS is frozen which\n    hits a WARN_ON since transaction gets started during frozen state:\n\n  ext4_journal_check_start+0x28/0x110 [ext4] (unreliable)\n  __ext4_journal_start_sb+0x64/0x1c0 [ext4]\n  ext4_release_dquot+0x90/0x1d0 [ext4]\n  quota_release_workfn+0x43c/0x4d0\n\nWhich is the following line:\n\n  WARN_ON(sb-\u003es_writers.frozen == SB_FREEZE_COMPLETE);\n\nWhich ultimately results in generic/390 failing due to dmesg\nnoise. This was detected on powerpc machine 15 cores.\n\nTo avoid this, make sure to flush the workqueue during\ndquot_writeback_dquots() so we dont have any pending workitems after\nfreeze.",
  "id": "GHSA-95w3-8433-6jf6",
  "modified": "2025-01-10T00:30:36Z",
  "published": "2025-01-08T18:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56780"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3e6ff207cd5bd924ad94cd1a7c633bcdac0ba1cb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6f3821acd7c3143145999248087de5fb4b48cf26"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8ea87e34792258825d290f4dc5216276e91cb224"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a5abba5e0e586e258ded3e798fe5f69c66fec198"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ab6cfcf8ed2c7496f55d020b65b1d8cd55d9a2cb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ac6f420291b3fee1113f21d612fa88b628afab5b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bcacb52a985f1b6d280f698a470b873dfe52728a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

fkie_cve-2024-56780

Vulnerability from fkie_nvd

Published

2025-01-08 18:15

Modified

2025-01-09 21:50

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/3e6ff207cd5bd924ad94cd1a7c633bcdac0ba1cb	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/6f3821acd7c3143145999248087de5fb4b48cf26	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/8ea87e34792258825d290f4dc5216276e91cb224	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/a5abba5e0e586e258ded3e798fe5f69c66fec198	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ab6cfcf8ed2c7496f55d020b65b1d8cd55d9a2cb	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ac6f420291b3fee1113f21d612fa88b628afab5b	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/bcacb52a985f1b6d280f698a470b873dfe52728a	Patch

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	6.13

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17432972-1EC7-4C0A-9A09-36F90BE8963A",
              "versionEndExcluding": "4.20",
              "versionStartIncluding": "4.19.295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "95D33EF5-7C1B-4CC4-AA45-A372E660A8FF",
              "versionEndExcluding": "5.4.287",
              "versionStartIncluding": "5.4.257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "22259BCA-C415-4B49-82E6-AF53F0942450",
              "versionEndExcluding": "5.10.231",
              "versionStartIncluding": "5.10.195",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48D64CF9-6F08-4ED9-A1A0-4BB057B44945",
              "versionEndExcluding": "5.15.174",
              "versionStartIncluding": "5.15.132",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4328D19A-54C2-4D2B-BBA7-D85BE5956B7D",
              "versionEndExcluding": "6.1.120",
              "versionStartIncluding": "6.1.53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5099559-2D15-42A5-A561-71B34FEFF36F",
              "versionEndExcluding": "6.5",
              "versionStartIncluding": "6.4.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713AA9D9-DD05-4AE0-8B46-932A79D99EF8",
              "versionEndExcluding": "6.6.64",
              "versionStartIncluding": "6.5.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04756810-D093-4B43-B1D9-CF5035968061",
              "versionEndExcluding": "6.12.4",
              "versionStartIncluding": "6.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nquota: flush quota_release_work upon quota writeback\n\nOne of the paths quota writeback is called from is:\n\nfreeze_super()\n  sync_filesystem()\n    ext4_sync_fs()\n      dquot_writeback_dquots()\n\nSince we currently don\u0027t always flush the quota_release_work queue in\nthis path, we can end up with the following race:\n\n 1. dquot are added to releasing_dquots list during regular operations.\n 2. FS Freeze starts, however, this does not flush the quota_release_work queue.\n 3. Freeze completes.\n 4. Kernel eventually tries to flush the workqueue while FS is frozen which\n    hits a WARN_ON since transaction gets started during frozen state:\n\n  ext4_journal_check_start+0x28/0x110 [ext4] (unreliable)\n  __ext4_journal_start_sb+0x64/0x1c0 [ext4]\n  ext4_release_dquot+0x90/0x1d0 [ext4]\n  quota_release_workfn+0x43c/0x4d0\n\nWhich is the following line:\n\n  WARN_ON(sb-\u003es_writers.frozen == SB_FREEZE_COMPLETE);\n\nWhich ultimately results in generic/390 failing due to dmesg\nnoise. This was detected on powerpc machine 15 cores.\n\nTo avoid this, make sure to flush the workqueue during\ndquot_writeback_dquots() so we dont have any pending workitems after\nfreeze."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: quota: vaciar quota_release_work al reescribir la cuota Una de las rutas desde las que se llama a la reescritura de cuota es: freeze_super() sync_filesystem() ext4_sync_fs() dquot_writeback_dquots() Dado que actualmente no siempre vaciamos la cola quota_release_work en esta ruta, podemos terminar con la siguiente ejecuci\u00f3n: 1. dquot se agregan a la lista release_dquots durante las operaciones regulares. 2. FS Freeze comienza, sin embargo, esto no vac\u00eda la cola quota_release_work. 3. Freeze se completa. 4. El kernel finalmente intenta vaciar la cola de trabajo mientras FS est\u00e1 congelado, lo que genera un WARN_ON ya que la transacci\u00f3n se inicia durante el estado congelado: ext4_journal_check_start+0x28/0x110 [ext4] (no confiable) __ext4_journal_start_sb+0x64/0x1c0 [ext4] ext4_release_dquot+0x90/0x1d0 [ext4] quota_release_workfn+0x43c/0x4d0 Que es la siguiente l\u00ednea: WARN_ON(sb-\u0026gt;s_writers.frozen == SB_FREEZE_COMPLETE); Lo que finalmente da como resultado que generic/390 falle debido al ruido de dmesg. Esto se detect\u00f3 en una m\u00e1quina PowerPC de 15 n\u00facleos. Para evitar esto, aseg\u00farese de vaciar la cola de trabajo durante dquot_writeback_dquots() para que no tengamos ning\u00fan elemento de trabajo pendiente despu\u00e9s del congelamiento."
    }
  ],
  "id": "CVE-2024-56780",
  "lastModified": "2025-01-09T21:50:02.050",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-01-08T18:15:18.910",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/3e6ff207cd5bd924ad94cd1a7c633bcdac0ba1cb"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/6f3821acd7c3143145999248087de5fb4b48cf26"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/8ea87e34792258825d290f4dc5216276e91cb224"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/a5abba5e0e586e258ded3e798fe5f69c66fec198"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ab6cfcf8ed2c7496f55d020b65b1d8cd55d9a2cb"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ac6f420291b3fee1113f21d612fa88b628afab5b"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/bcacb52a985f1b6d280f698a470b873dfe52728a"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-56780

Vulnerability from cvelistv5

wid-sec-w-2025-0035

Vulnerability from csaf_certbund

ghsa-95w3-8433-6jf6

Vulnerability from github

fkie_cve-2024-56780

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature