CVE-2024-27023

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-27023
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-27023.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-27023
Downstream
Published
2024-05-01T12:49:21Z
Modified
2025-10-17T02:07:35.227417Z
Summary
md: Fix missing release of 'active_io' for flush
Details

In the Linux kernel, the following vulnerability has been resolved:

md: Fix missing release of 'active_io' for flush

submitflushes atomicset(&mddev->flushpending, 1); rdevforeachrcu(rdev, mddev) atomicinc(&mddev->flushpending); bi->biendio = mdendflush submitbio(bi); /* flush io is done first */ mdendflush if (atomicdecandtest(&mddev->flushpending)) percpurefput(&mddev->activeio) -> active_io is not released

if (atomicdecandtest(&mddev->flushpending)) -> missing release of active_io

For consequence, mddevsuspend() will wait for 'activeio' to be zero forever.

Fix this problem by releasing 'activeio' in submitflushes() if 'flush_pending' is decreased to zero.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f9f2d957a8ea93c73182aebf7de30935a58c027d
Fixed
6b2ff10390b19a2364af622b6666b690443f9f3f
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
530cec617f5a8ba6f26bcbf0d64d75c951d17730
Fixed
02dad157ba11064d073f5499dc33552b227d5d3a
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c4c2345214b66e2505a26fd2ea58839dd7a1d48d
Fixed
11f81438927f84edfaaeb5d5f10856c3a1c1fc82
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
fa2bbff7b0b4e211fec5e5686ef96350690597b5
Fixed
855678ed8534518e2b428bcbcec695de9ba248e8

Affected versions

v6.*

v6.1.75
v6.1.76
v6.1.77
v6.1.78
v6.1.79
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.7
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.2
v6.7.3
v6.7.4
v6.7.5
v6.7.6
v6.8-rc1

Database specific

vanir_signatures

[
    {
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "44606919034761990457927544583031070689",
                "115396081585269589644595353985063688577",
                "294039982810670788420433012617993611282",
                "15923521732393378834701026608222779599",
                "110359776292670056942190127525199154731"
            ],
            "threshold": 0.9
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6b2ff10390b19a2364af622b6666b690443f9f3f",
        "target": {
            "file": "drivers/md/md.c"
        },
        "id": "CVE-2024-27023-3c3054a7",
        "signature_version": "v1",
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "digest": {
            "length": 801.0,
            "function_hash": "185414758039856867247992610183758087112"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6b2ff10390b19a2364af622b6666b690443f9f3f",
        "target": {
            "function": "submit_flushes",
            "file": "drivers/md/md.c"
        },
        "id": "CVE-2024-27023-3ef458fc",
        "signature_version": "v1",
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "44606919034761990457927544583031070689",
                "115396081585269589644595353985063688577",
                "294039982810670788420433012617993611282",
                "15923521732393378834701026608222779599",
                "110359776292670056942190127525199154731"
            ],
            "threshold": 0.9
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@11f81438927f84edfaaeb5d5f10856c3a1c1fc82",
        "target": {
            "file": "drivers/md/md.c"
        },
        "id": "CVE-2024-27023-5f0c7914",
        "signature_version": "v1",
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "44606919034761990457927544583031070689",
                "115396081585269589644595353985063688577",
                "294039982810670788420433012617993611282",
                "15923521732393378834701026608222779599",
                "110359776292670056942190127525199154731"
            ],
            "threshold": 0.9
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@02dad157ba11064d073f5499dc33552b227d5d3a",
        "target": {
            "file": "drivers/md/md.c"
        },
        "id": "CVE-2024-27023-641aec75",
        "signature_version": "v1",
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "digest": {
            "length": 801.0,
            "function_hash": "185414758039856867247992610183758087112"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@02dad157ba11064d073f5499dc33552b227d5d3a",
        "target": {
            "function": "submit_flushes",
            "file": "drivers/md/md.c"
        },
        "id": "CVE-2024-27023-74659141",
        "signature_version": "v1",
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "44606919034761990457927544583031070689",
                "115396081585269589644595353985063688577",
                "294039982810670788420433012617993611282",
                "15923521732393378834701026608222779599",
                "110359776292670056942190127525199154731"
            ],
            "threshold": 0.9
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@855678ed8534518e2b428bcbcec695de9ba248e8",
        "target": {
            "file": "drivers/md/md.c"
        },
        "id": "CVE-2024-27023-7541b07e",
        "signature_version": "v1",
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "digest": {
            "length": 801.0,
            "function_hash": "185414758039856867247992610183758087112"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@11f81438927f84edfaaeb5d5f10856c3a1c1fc82",
        "target": {
            "function": "submit_flushes",
            "file": "drivers/md/md.c"
        },
        "id": "CVE-2024-27023-a43f8462",
        "signature_version": "v1",
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "digest": {
            "length": 801.0,
            "function_hash": "185414758039856867247992610183758087112"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@855678ed8534518e2b428bcbcec695de9ba248e8",
        "target": {
            "function": "submit_flushes",
            "file": "drivers/md/md.c"
        },
        "id": "CVE-2024-27023-cdfeceee",
        "signature_version": "v1",
        "deprecated": false
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.1.75
Fixed
6.1.80
Type
ECOSYSTEM
Events
Introduced
6.6.14
Fixed
6.6.19
Type
ECOSYSTEM
Events
Introduced
6.7.2
Fixed
6.7.7