发布于3月6日3月6日 Members Oracle Linux: CVE-2024-38663: ELSA-2024-4583:kernel security update (IMPORTANT) (Multiple Advisories) Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:N/A:C) Published 06/24/2024 Created 07/22/2024 Added 08/16/2024 Modified 01/07/2025 Description In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix list corruption from resetting io stat Since commit 3b8cc6298724 ("blk-cgroup: Optimize blkcg_rstat_flush()"), each iostat instance is added to blkcg percpu list, so blkcg_reset_stats() can't reset the stat instance by memset(), otherwise the llist may be corrupted. Fix the issue by only resetting the counter part. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2024-38663 CVE - 2024-38663 ELSA-2024-4583
