CVE-2024-49976
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-49976
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-49976.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-49976
- Downstream
- Related
- Published
- 2024-10-21T18:02:23Z
- Modified
- 2025-10-17T14:44:56.663521Z
- Summary
- tracing/timerlat: Drop interface_lock in stop_kthread()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
tracing/timerlat: Drop interfacelock in stopkthread()
stopkthread() is the offline callback for "trace/osnoise:online", since commit 5bfbcd1ee57b ("tracing/timerlat: Add interfacelock around clearing of kthread in stop_kthread()"), the following ABBA deadlock scenario is introduced:
T1 | T2 [BP] | T3 [AP] osnoisehotplugworkfn() | workforcpufn() | cpuhpthreadfun() | _cpudown() | osnoisecpudie() mutexlock(&interfacelock) | | stopkthread() | cpuswritelock() | mutexlock(&interfacelock) cpusreadlock() | cpuhpkick_ap() |
As the interfacelock here in just for protecting the "kthread" field of the osnvar, use xchg() instead to fix this issue. Also use foreachonlinecpu() back in stoppercpukthreads() as it can take cpureadlock() again.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/09cb44cc3d3df7ade2cebc939d6257a2fa8afc7a
- https://git.kernel.org/stable/c/a4a05ceffe8fad68b45de38fe2311bda619e76e2
- https://git.kernel.org/stable/c/b484a02c9cedf8703eff8f0756f94618004bd165
- https://git.kernel.org/stable/c/db8571a9a098086608c11a15856ff585789e67e8
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedb4fdabffae14cca2c80d99bd81f3f27239ac7f5eFixeda4a05ceffe8fad68b45de38fe2311bda619e76e2
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced4679272d5252720746fd9c5465352cbc5665f230Fixed09cb44cc3d3df7ade2cebc939d6257a2fa8afc7a
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced5bfbcd1ee57b607fd29e4645c7f350dd385dd9adFixeddb8571a9a098086608c11a15856ff585789e67e8
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced5bfbcd1ee57b607fd29e4645c7f350dd385dd9adFixedb484a02c9cedf8703eff8f0756f94618004bd165
Affected versions
v6.*
v6.10.10
v6.10.11
v6.10.12
v6.10.13
v6.11
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.2
v6.12-rc1
v6.6.51
v6.6.52
v6.6.53
v6.6.54
Database specific
vanir_signatures
[
{
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@09cb44cc3d3df7ade2cebc939d6257a2fa8afc7a",
"digest": {
"length": 102.0,
"function_hash": "273019468839089125008702678892248274268"
},
"signature_type": "Function",
"deprecated": false,
"target": {
"function": "stop_per_cpu_kthreads",
"file": "kernel/trace/trace_osnoise.c"
},
"id": "CVE-2024-49976-0feed0e1"
},
{
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b484a02c9cedf8703eff8f0756f94618004bd165",
"digest": {
"length": 709.0,
"function_hash": "190021531865813756446686171387660064469"
},
"signature_type": "Function",
"deprecated": false,
"target": {
"function": "stop_kthread",
"file": "kernel/trace/trace_osnoise.c"
},
"id": "CVE-2024-49976-1280b162"
},
{
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a4a05ceffe8fad68b45de38fe2311bda619e76e2",
"digest": {
"threshold": 0.9,
"line_hashes": [
"287087296263210165550439809481829846554",
"3105959329417466292565885938185342135",
"135916186936626655219203788407691483038",
"167581860214415103781238171364051891069",
"189405555443313408293235159550722546734",
"122561046196593665171748564125846074788",
"154355781674748219897777602198604609382",
"189523530503091302420885642013936905127",
"245936980629868858475925381527166649831",
"194161144732341633640981415493796483498",
"51379866352297675914478700991920881778",
"36851683316470279823756169767450316080",
"44168415518483509610958071001663666877",
"83921826443354288136729749453963187447",
"76373344076634528226404759206819664131",
"209130143449342575329626410629051153514",
"199762329549931621270416488023907632192"
]
},
"signature_type": "Line",
"deprecated": false,
"target": {
"file": "kernel/trace/trace_osnoise.c"
},
"id": "CVE-2024-49976-27420f77"
},
{
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b484a02c9cedf8703eff8f0756f94618004bd165",
"digest": {
"length": 102.0,
"function_hash": "273019468839089125008702678892248274268"
},
"signature_type": "Function",
"deprecated": false,
"target": {
"function": "stop_per_cpu_kthreads",
"file": "kernel/trace/trace_osnoise.c"
},
"id": "CVE-2024-49976-7508f178"
},
{
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b484a02c9cedf8703eff8f0756f94618004bd165",
"digest": {
"threshold": 0.9,
"line_hashes": [
"287087296263210165550439809481829846554",
"3105959329417466292565885938185342135",
"135916186936626655219203788407691483038",
"167581860214415103781238171364051891069",
"189405555443313408293235159550722546734",
"122561046196593665171748564125846074788",
"154355781674748219897777602198604609382",
"189523530503091302420885642013936905127",
"245936980629868858475925381527166649831",
"194161144732341633640981415493796483498",
"51379866352297675914478700991920881778",
"36851683316470279823756169767450316080",
"44168415518483509610958071001663666877",
"83921826443354288136729749453963187447",
"76373344076634528226404759206819664131",
"209130143449342575329626410629051153514",
"199762329549931621270416488023907632192"
]
},
"signature_type": "Line",
"deprecated": false,
"target": {
"file": "kernel/trace/trace_osnoise.c"
},
"id": "CVE-2024-49976-7ace24c2"
},
{
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a4a05ceffe8fad68b45de38fe2311bda619e76e2",
"digest": {
"length": 709.0,
"function_hash": "190021531865813756446686171387660064469"
},
"signature_type": "Function",
"deprecated": false,
"target": {
"function": "stop_kthread",
"file": "kernel/trace/trace_osnoise.c"
},
"id": "CVE-2024-49976-85dac9b4"
},
{
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@db8571a9a098086608c11a15856ff585789e67e8",
"digest": {
"threshold": 0.9,
"line_hashes": [
"287087296263210165550439809481829846554",
"3105959329417466292565885938185342135",
"135916186936626655219203788407691483038",
"167581860214415103781238171364051891069",
"189405555443313408293235159550722546734",
"122561046196593665171748564125846074788",
"154355781674748219897777602198604609382",
"189523530503091302420885642013936905127",
"245936980629868858475925381527166649831",
"194161144732341633640981415493796483498",
"51379866352297675914478700991920881778",
"36851683316470279823756169767450316080",
"44168415518483509610958071001663666877",
"83921826443354288136729749453963187447",
"76373344076634528226404759206819664131",
"209130143449342575329626410629051153514",
"199762329549931621270416488023907632192"
]
},
"signature_type": "Line",
"deprecated": false,
"target": {
"file": "kernel/trace/trace_osnoise.c"
},
"id": "CVE-2024-49976-bd5d29e7"
},
{
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a4a05ceffe8fad68b45de38fe2311bda619e76e2",
"digest": {
"length": 102.0,
"function_hash": "273019468839089125008702678892248274268"
},
"signature_type": "Function",
"deprecated": false,
"target": {
"function": "stop_per_cpu_kthreads",
"file": "kernel/trace/trace_osnoise.c"
},
"id": "CVE-2024-49976-c0dcf265"
},
{
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@09cb44cc3d3df7ade2cebc939d6257a2fa8afc7a",
"digest": {
"threshold": 0.9,
"line_hashes": [
"287087296263210165550439809481829846554",
"3105959329417466292565885938185342135",
"135916186936626655219203788407691483038",
"167581860214415103781238171364051891069",
"189405555443313408293235159550722546734",
"122561046196593665171748564125846074788",
"154355781674748219897777602198604609382",
"189523530503091302420885642013936905127",
"245936980629868858475925381527166649831",
"194161144732341633640981415493796483498",
"51379866352297675914478700991920881778",
"36851683316470279823756169767450316080",
"44168415518483509610958071001663666877",
"83921826443354288136729749453963187447",
"76373344076634528226404759206819664131",
"209130143449342575329626410629051153514",
"199762329549931621270416488023907632192"
]
},
"signature_type": "Line",
"deprecated": false,
"target": {
"file": "kernel/trace/trace_osnoise.c"
},
"id": "CVE-2024-49976-e8ad02ea"
},
{
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@db8571a9a098086608c11a15856ff585789e67e8",
"digest": {
"length": 709.0,
"function_hash": "190021531865813756446686171387660064469"
},
"signature_type": "Function",
"deprecated": false,
"target": {
"function": "stop_kthread",
"file": "kernel/trace/trace_osnoise.c"
},
"id": "CVE-2024-49976-ec9073ab"
},
{
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@09cb44cc3d3df7ade2cebc939d6257a2fa8afc7a",
"digest": {
"length": 709.0,
"function_hash": "190021531865813756446686171387660064469"
},
"signature_type": "Function",
"deprecated": false,
"target": {
"function": "stop_kthread",
"file": "kernel/trace/trace_osnoise.c"
},
"id": "CVE-2024-49976-ef4e66d9"
},
{
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@db8571a9a098086608c11a15856ff585789e67e8",
"digest": {
"length": 102.0,
"function_hash": "273019468839089125008702678892248274268"
},
"signature_type": "Function",
"deprecated": false,
"target": {
"function": "stop_per_cpu_kthreads",
"file": "kernel/trace/trace_osnoise.c"
},
"id": "CVE-2024-49976-fefcbed4"
}
]