CVE-2024-38384

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-38384

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38384.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-38384

Downstream

BELL-CVE-2024-38384

DEBIAN-CVE-2024-38384

OESA-2024-1863

RHSA-2024:10771

RHSA-2024:5066

RHSA-2024:5067

SUSE-SU-2024:2571-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2973-1

UBUNTU-CVE-2024-38384

USN-6999-1

USN-6999-2

USN-7004-1

USN-7005-1

USN-7005-2

USN-7008-1

USN-7029-1

Related

Published

2024-06-24T13:50:51Z

Modified

2025-10-17T07:17:13.595839Z

Severity

8.4 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

blk-cgroup: fix list corruption from reorder of WRITE ->lqueued

Details

In the Linux kernel, the following vulnerability has been resolved:

blk-cgroup: fix list corruption from reorder of WRITE ->lqueued

_blkcgrstatflush() can be run anytime, especially when blkcgroupbiostart is being executed.

If WRITE of ->lqueued is re-ordered with READ of 'bisc->lnode.next' in the loop of _blkcgrstatflush(), next_bisc can be assigned with one stat instance being added in blkcgroupbiostart(), then the local list in _blkcgrstat_flush() could be corrupted.

Fix the issue by adding one barrier.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

3b8cc6298724021da845f2f9fd7dd4b6829a6817

Fixed

714e59b5456e4d6e4295a9968c564abe193f461c

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

3b8cc6298724021da845f2f9fd7dd4b6829a6817

Fixed

785298ab6b802afa75089239266b6bbea590809c

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

3b8cc6298724021da845f2f9fd7dd4b6829a6817

Fixed

d0aac2363549e12cc79b8e285f13d5a9f42fd08e

Affected versions

v6.*

v6.1

v6.1-rc3

v6.1-rc4

v6.1-rc5

v6.1-rc6

v6.1-rc7

v6.1-rc8

v6.2

v6.2-rc1

v6.2-rc2

v6.2-rc3

v6.2-rc4

v6.2-rc5

v6.2-rc6

v6.2-rc7

v6.2-rc8

v6.3

v6.3-rc1

v6.3-rc2

v6.3-rc3

v6.3-rc4

v6.3-rc5

v6.3-rc6

v6.3-rc7

v6.4

v6.4-rc1

v6.4-rc2

v6.4-rc3

v6.4-rc4

v6.4-rc5

v6.4-rc6

v6.4-rc7

v6.5

v6.5-rc1

v6.5-rc2

v6.5-rc3

v6.5-rc4

v6.5-rc5

v6.5-rc6

v6.5-rc7

v6.6

v6.6-rc1

v6.6-rc2

v6.6-rc3

v6.6-rc4

v6.6-rc5

v6.6-rc6

v6.6-rc7

v6.6.1

v6.6.10

v6.6.11

v6.6.12

v6.6.13

v6.6.14

v6.6.15

v6.6.16

v6.6.17

v6.6.18

v6.6.19

v6.6.2

v6.6.20

v6.6.21

v6.6.22

v6.6.23

v6.6.24

v6.6.25

v6.6.26

v6.6.27

v6.6.28

v6.6.29

v6.6.3

v6.6.30

v6.6.31

v6.6.32

v6.6.4

v6.6.5

v6.6.6

v6.6.7

v6.6.8

v6.6.9

v6.7

v6.7-rc1

v6.7-rc2

v6.7-rc3

v6.7-rc4

v6.7-rc5

v6.7-rc6

v6.7-rc7

v6.7-rc8

v6.8

v6.8-rc1

v6.8-rc2

v6.8-rc3

v6.8-rc4

v6.8-rc5

v6.8-rc6

v6.8-rc7

v6.9

v6.9-rc1

v6.9-rc2

v6.9-rc3

v6.9-rc4

v6.9-rc5

v6.9-rc6

v6.9-rc7

v6.9.1

v6.9.2

v6.9.3

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.33

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.9.4