CVE - CVE-2024-38582

CVE-ID
CVE-2024-38582	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential hang in nilfs_detach_log_writer() Syzbot has reported a potential hang in nilfs_detach_log_writer() called during nilfs2 unmount. Analysis revealed that this is because nilfs_segctor_sync(), which synchronizes with the log writer thread, can be called after nilfs_segctor_destroy() terminates that thread, as shown in the call trace below: nilfs_detach_log_writer nilfs_segctor_destroy nilfs_segctor_kill_thread --> Shut down log writer thread flush_work nilfs_iput_work_func nilfs_dispose_list iput nilfs_evict_inode nilfs_transaction_commit nilfs_construct_segment (if inode needs sync) nilfs_segctor_sync --> Attempt to synchronize with log writer thread * DEADLOCK * Fix this issue by changing nilfs_segctor_sync() so that the log writer thread returns normally without synchronizing after it terminates, and by forcing tasks that are already waiting to complete once after the thread terminates. The skipped inode metadata flushout will then be processed together in the subsequent cleanup work in nilfs_segctor_destroy().
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/06afce714d87c7cd1dcfccbcd800c5c5d2cf1cfd URL:https://git.kernel.org/stable/c/06afce714d87c7cd1dcfccbcd800c5c5d2cf1cfd MISC:https://git.kernel.org/stable/c/1c3844c5f4eac043954ebf6403fa9fd1f0e9c1c0 URL:https://git.kernel.org/stable/c/1c3844c5f4eac043954ebf6403fa9fd1f0e9c1c0 MISC:https://git.kernel.org/stable/c/6e5c8e8e024e147b834f56f2115aad241433679b URL:https://git.kernel.org/stable/c/6e5c8e8e024e147b834f56f2115aad241433679b MISC:https://git.kernel.org/stable/c/911d38be151921a5d152bb55e81fd752384c6830 URL:https://git.kernel.org/stable/c/911d38be151921a5d152bb55e81fd752384c6830 MISC:https://git.kernel.org/stable/c/a8799662fed1f8747edae87a1937549288baca6a URL:https://git.kernel.org/stable/c/a8799662fed1f8747edae87a1937549288baca6a MISC:https://git.kernel.org/stable/c/bc9cee50a4a4ca23bdc49f75ea8242d8a2193b3b URL:https://git.kernel.org/stable/c/bc9cee50a4a4ca23bdc49f75ea8242d8a2193b3b MISC:https://git.kernel.org/stable/c/c516db6ab9eabbedbc430b4f93b0d8728e9b427f URL:https://git.kernel.org/stable/c/c516db6ab9eabbedbc430b4f93b0d8728e9b427f MISC:https://git.kernel.org/stable/c/eb85dace897c5986bc2f36b3c783c6abb8a4292e URL:https://git.kernel.org/stable/c/eb85dace897c5986bc2f36b3c783c6abb8a4292e MISC:https://git.kernel.org/stable/c/eff7cdf890b02596b8d73e910bdbdd489175dbdb URL:https://git.kernel.org/stable/c/eff7cdf890b02596b8d73e910bdbdd489175dbdb MLIST:[debian-lts-announce] 20240627 [SECURITY] [DLA 3840-1] linux security update URL:https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Assigning CNA
kernel.org
Date Record Created
20240618	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240618)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)