CVE-2024-40977

During chip recovery (e.g. chip reset), there is a possible situation that kernel worker resetwork is holding the lock and waiting for kernel thread statworker to be parked, while stat_worker is waiting for the release of the same lock. It causes a deadlock resulting in the dumping of hung tasks messages and possible rebooting of the device.

This patch prevents the execution of stat_worker during the chip recovery.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/40xxx/CVE-2024-40977.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

7bc04215a66b60e198aecaee8418f6d79fa19faa

Fixed

0b81faa05b0b9feb3ae2d69be1d21f0d126ecb08

Fixed

85edd783f4539a994d66c4c014d5858f490b7a02

Fixed

e974dd4c22a23ec3ce579fb6d31a674ac0435da9

Fixed

ecf0b2b8a37c8464186620bef37812a117ff6366

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-40977.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.16.0

Fixed

6.1.96

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.36

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.9.7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-40977.json"