Ubuntu: (Multiple Advisories) (CVE-2024-36908): Linux kernel vulnerabilities

Ubuntu: (Multiple Advisories) (CVE-2024-36908): Linux kernel vulnerabilities

Severity

4

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

05/30/2024

Created

08/10/2024

Added

08/09/2024

Modified

01/23/2025

Description

In the Linux kernel, the following vulnerability has been resolved: blk-iocost: do not WARN if iocg was already offlined In iocg_pay_debt(), warn is triggered if 'active_list' is empty, which is intended to confirm iocg is active when it has debt. However, warn can be triggered during a blkcg or disk removal, if iocg_waitq_timer_fn() is run at that time: WARNING: CPU: 0 PID: 2344971 at block/blk-iocost.c:1402 iocg_pay_debt+0x14c/0x190 Call trace: iocg_pay_debt+0x14c/0x190 iocg_kick_waitq+0x438/0x4c0 iocg_waitq_timer_fn+0xd8/0x130 __run_hrtimer+0x144/0x45c __hrtimer_run_queues+0x16c/0x244 hrtimer_interrupt+0x2cc/0x7b0 The warn in this situation is meaningless. Since this iocg is being removed, the state of the 'active_list' is irrelevant, and 'waitq_timer' is canceled after removing 'active_list' in ioc_pd_free(), which ensures iocg is freed after iocg_waitq_timer_fn() returns. Therefore, add the check if iocg was already offlined to avoid warn when removing a blkcg or disk.

Solution(s)

• ubuntu-upgrade-linux-image-6-8-0-1008-gke
• ubuntu-upgrade-linux-image-6-8-0-1009-raspi
• ubuntu-upgrade-linux-image-6-8-0-1010-ibm
• ubuntu-upgrade-linux-image-6-8-0-1010-oem
• ubuntu-upgrade-linux-image-6-8-0-1010-oracle
• ubuntu-upgrade-linux-image-6-8-0-1010-oracle-64k
• ubuntu-upgrade-linux-image-6-8-0-1011-nvidia
• ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-64k
• ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-lowlatency
• ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-lowlatency-64k
• ubuntu-upgrade-linux-image-6-8-0-1012-azure
• ubuntu-upgrade-linux-image-6-8-0-1012-azure-fde
• ubuntu-upgrade-linux-image-6-8-0-1012-gcp
• ubuntu-upgrade-linux-image-6-8-0-1013-aws
• ubuntu-upgrade-linux-image-6-8-0-40-generic
• ubuntu-upgrade-linux-image-6-8-0-40-generic-64k
• ubuntu-upgrade-linux-image-6-8-0-40-lowlatency
• ubuntu-upgrade-linux-image-6-8-0-40-lowlatency-64k
• ubuntu-upgrade-linux-image-aws
• ubuntu-upgrade-linux-image-azure
• ubuntu-upgrade-linux-image-azure-fde
• ubuntu-upgrade-linux-image-gcp
• ubuntu-upgrade-linux-image-generic
• ubuntu-upgrade-linux-image-generic-64k
• ubuntu-upgrade-linux-image-generic-64k-hwe-24-04
• ubuntu-upgrade-linux-image-generic-hwe-24-04
• ubuntu-upgrade-linux-image-generic-lpae
• ubuntu-upgrade-linux-image-gke
• ubuntu-upgrade-linux-image-ibm
• ubuntu-upgrade-linux-image-ibm-classic
• ubuntu-upgrade-linux-image-ibm-lts-24-04
• ubuntu-upgrade-linux-image-kvm
• ubuntu-upgrade-linux-image-lowlatency
• ubuntu-upgrade-linux-image-lowlatency-64k
• ubuntu-upgrade-linux-image-nvidia
• ubuntu-upgrade-linux-image-nvidia-6-8
• ubuntu-upgrade-linux-image-nvidia-64k
• ubuntu-upgrade-linux-image-nvidia-64k-6-8
• ubuntu-upgrade-linux-image-nvidia-lowlatency
• ubuntu-upgrade-linux-image-nvidia-lowlatency-64k
• ubuntu-upgrade-linux-image-oem-24-04
• ubuntu-upgrade-linux-image-oem-24-04a
• ubuntu-upgrade-linux-image-oracle
• ubuntu-upgrade-linux-image-oracle-64k
• ubuntu-upgrade-linux-image-raspi
• ubuntu-upgrade-linux-image-virtual
• ubuntu-upgrade-linux-image-virtual-hwe-24-04

References

• https://attackerkb.com/topics/cve-2024-36908
• CVE - 2024-36908
• USN-6949-1
• USN-6949-2
• USN-6952-1
• USN-6952-2
• USN-6955-1