发布于3月6日3月6日 Members Red Hat: CVE-2024-38384: kernel: blk-cgroup: fix list corruption from reorder of WRITE ->lqueued (Multiple Advisories) Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:N/A:C) Published 06/24/2024 Created 09/14/2024 Added 09/13/2024 Modified 02/10/2025 Description In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix list corruption from reorder of WRITE ->lqueued __blkcg_rstat_flush() can be run anytime, especially when blk_cgroup_bio_start is being executed. If WRITE of `->lqueued` is re-ordered with READ of 'bisc->lnode.next' in the loop of __blkcg_rstat_flush(), `next_bisc` can be assigned with one stat instance being added in blk_cgroup_bio_start(), then the local list in __blkcg_rstat_flush() could be corrupted. Fix the issue by adding one barrier. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2024-38384 RHSA-2024:10771 RHSA-2024:5066 RHSA-2024:5067
