CVE-2024-56780— quota: flush quota_release_work upon quota writeback
Affected Version Matrix 26
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | d40c192e119892799dd4ddf94f5cea6fa93775ef< a5abba5e0e586e258ded3e798fe5f69c66fec198 | affected |
86d89987f0998c98f57d641e308b40452a994045< 6f3821acd7c3143145999248087de5fb4b48cf26 | affected | ||
89602de9a2d7080b7a4029d5c1bf8f78d295ff5f< ab6cfcf8ed2c7496f55d020b65b1d8cd55d9a2cb | affected | ||
3027e200dd58d5b437f16634dbbd355b29ffe0a6< 3e6ff207cd5bd924ad94cd1a7c633bcdac0ba1cb | affected | ||
dabc8b20756601b9e1cc85a81d47d3f98ed4d13a< bcacb52a985f1b6d280f698a470b873dfe52728a | affected | ||
dabc8b20756601b9e1cc85a81d47d3f98ed4d13a< 8ea87e34792258825d290f4dc5216276e91cb224 | affected | ||
dabc8b20756601b9e1cc85a81d47d3f98ed4d13a< ac6f420291b3fee1113f21d612fa88b628afab5b | affected | ||
f3e9a2bbdeb8987508dd6bb2b701dea911d4daec | affected | ||
| … +18 more rows | |||
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-56780
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
quota: flush quota_release_work upon quota writeback
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: quota: flush quota_release_work upon quota writeback One of the paths quota writeback is called from is: freeze_super() sync_filesystem() ext4_sync_fs() dquot_writeback_dquots() Since we currently don't always flush the quota_release_work queue in this path, we can end up with the following race: 1. dquot are added to releasing_dquots list during regular operations. 2. FS Freeze starts, however, this does not flush the quota_release_work queue. 3. Freeze completes. 4. Kernel eventually tries to flush the workqueue while FS is frozen which hits a WARN_ON since transaction gets started during frozen state: ext4_journal_check_start+0x28/0x110 [ext4] (unreliable) __ext4_journal_start_sb+0x64/0x1c0 [ext4] ext4_release_dquot+0x90/0x1d0 [ext4] quota_release_workfn+0x43c/0x4d0 Which is the following line: WARN_ON(sb->s_writers.frozen == SB_FREEZE_COMPLETE); Which ultimately results in generic/390 failing due to dmesg noise. This was detected on powerpc machine 15 cores. To avoid this, make sure to flush the workqueue during dquot_writeback_dquots() so we dont have any pending workitems after freeze.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于配额系统在冻结文件系统时,未始终刷新quota_release_work队列,可能导致在文件系统冻结状态下尝试启动事务,触发警告,影响文件系统的稳定性和性能。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2024-56780
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-56780
请登录查看更多情报信息。
Patches & Fixes for CVE-2024-56780 (7)
Same Patch Batch · Linux · 2025-01-08 · 16 CVEs total
| CVE-2024-56770 | net/sched: netem: account for backlog updates from child qdisc | |
| CVE-2024-56771 | mtd: spinand: winbond: Fix 512GW, 01GW, 01JW and 02JW ECC information | |
| CVE-2024-56773 | kunit: Fix potential null dereference in kunit_device_driver_test() | |
| CVE-2024-56772 | kunit: string-stream: Fix a UAF bug in kunit_init_suite() | |
| CVE-2024-56774 | btrfs: add a sanity check for btrfs root in btrfs_search_slot() | |
| CVE-2024-56775 | drm/amd/display: Fix handling of plane refcount | |
| CVE-2024-56776 | drm/sti: avoid potential dereference of error pointers | |
| CVE-2024-56777 | drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check | |
| CVE-2024-56778 | drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check | |
| CVE-2024-56779 | nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur | |
| CVE-2024-56782 | ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration() | |
| CVE-2024-56783 | netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level | |
| CVE-2024-56785 | MIPS: Loongson64: DTS: Really fix PCIe port nodes for ls7a | |
| CVE-2024-56784 | drm/amd/display: Adding array index check to prevent memory corruption | |
| CVE-2024-56787 | soc: imx8m: Probe the SoC driver as platform driver |
IV. Related Vulnerabilities
V. Comments for CVE-2024-56780
No comments yet