In the Linux kernel, the following vulnerability has been resolved:
tracing/timerlat: Drop interface_lock in stop_kthread()
stop_kthread() is the offline callback for "trace/osnoise:online". Since commit 5bfbcd1ee57b ("tracing/timerlat: Add interface_lock around clearing of kthread in stop_kthread()"), the following ABBA deadlock scenario has been possible:
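T1                            | T2 [BP]               | T3 [AP]
osnoise_hotplug_workfn()      | work_for_cpu_fn()     | cpuhp_thread_fun()
                              |   _cpu_down()         |   osnoise_cpu_die()
  mutex_lock(&interface_lock) |                       |     stop_kthread()
                              |     cpus_write_lock() |       mutex_lock(&interface_lock)
  cpus_read_lock()            |     cpuhp_kick_ap()   |

In this interleaving, T1 holds interface_lock and blocks in cpus_read_lock(), T2 holds the CPU hotplug write lock and waits for T3, and T3 blocks on the interface_lock that T1 holds, so none of the three can make progress.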
As the interface_lock here is just for protecting the "kthread" field of the osn_var, use xchg() instead to fix this issue. Also switch back to for_each_online_cpu() in stop_per_cpu_kthreads(), as it can take cpus_read_lock() again.
{ "vanir_signatures": [ { "id": "CVE-2024-49976-0feed0e1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@09cb44cc3d3df7ade2cebc939d6257a2fa8afc7a", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 102.0, "function_hash": "273019468839089125008702678892248274268" }, "target": { "file": "kernel/trace/trace_osnoise.c", "function": "stop_per_cpu_kthreads" } }, { "id": "CVE-2024-49976-1280b162", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b484a02c9cedf8703eff8f0756f94618004bd165", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 709.0, "function_hash": "190021531865813756446686171387660064469" }, "target": { "file": "kernel/trace/trace_osnoise.c", "function": "stop_kthread" } }, { "id": "CVE-2024-49976-27420f77", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a4a05ceffe8fad68b45de38fe2311bda619e76e2", "deprecated": false, "signature_version": "v1", "signature_type": "Line", "digest": { "threshold": 0.9, "line_hashes": [ "287087296263210165550439809481829846554", "3105959329417466292565885938185342135", "135916186936626655219203788407691483038", "167581860214415103781238171364051891069", "189405555443313408293235159550722546734", "122561046196593665171748564125846074788", "154355781674748219897777602198604609382", "189523530503091302420885642013936905127", "245936980629868858475925381527166649831", "194161144732341633640981415493796483498", "51379866352297675914478700991920881778", "36851683316470279823756169767450316080", "44168415518483509610958071001663666877", "83921826443354288136729749453963187447", "76373344076634528226404759206819664131", "209130143449342575329626410629051153514", "199762329549931621270416488023907632192" ] }, "target": { "file": "kernel/trace/trace_osnoise.c" } }, { "id": "CVE-2024-49976-7508f178", "source": 
"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b484a02c9cedf8703eff8f0756f94618004bd165", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 102.0, "function_hash": "273019468839089125008702678892248274268" }, "target": { "file": "kernel/trace/trace_osnoise.c", "function": "stop_per_cpu_kthreads" } }, { "id": "CVE-2024-49976-7ace24c2", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b484a02c9cedf8703eff8f0756f94618004bd165", "deprecated": false, "signature_version": "v1", "signature_type": "Line", "digest": { "threshold": 0.9, "line_hashes": [ "287087296263210165550439809481829846554", "3105959329417466292565885938185342135", "135916186936626655219203788407691483038", "167581860214415103781238171364051891069", "189405555443313408293235159550722546734", "122561046196593665171748564125846074788", "154355781674748219897777602198604609382", "189523530503091302420885642013936905127", "245936980629868858475925381527166649831", "194161144732341633640981415493796483498", "51379866352297675914478700991920881778", "36851683316470279823756169767450316080", "44168415518483509610958071001663666877", "83921826443354288136729749453963187447", "76373344076634528226404759206819664131", "209130143449342575329626410629051153514", "199762329549931621270416488023907632192" ] }, "target": { "file": "kernel/trace/trace_osnoise.c" } }, { "id": "CVE-2024-49976-85dac9b4", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a4a05ceffe8fad68b45de38fe2311bda619e76e2", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 709.0, "function_hash": "190021531865813756446686171387660064469" }, "target": { "file": "kernel/trace/trace_osnoise.c", "function": "stop_kthread" } }, { "id": "CVE-2024-49976-bd5d29e7", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@db8571a9a098086608c11a15856ff585789e67e8", 
"deprecated": false, "signature_version": "v1", "signature_type": "Line", "digest": { "threshold": 0.9, "line_hashes": [ "287087296263210165550439809481829846554", "3105959329417466292565885938185342135", "135916186936626655219203788407691483038", "167581860214415103781238171364051891069", "189405555443313408293235159550722546734", "122561046196593665171748564125846074788", "154355781674748219897777602198604609382", "189523530503091302420885642013936905127", "245936980629868858475925381527166649831", "194161144732341633640981415493796483498", "51379866352297675914478700991920881778", "36851683316470279823756169767450316080", "44168415518483509610958071001663666877", "83921826443354288136729749453963187447", "76373344076634528226404759206819664131", "209130143449342575329626410629051153514", "199762329549931621270416488023907632192" ] }, "target": { "file": "kernel/trace/trace_osnoise.c" } }, { "id": "CVE-2024-49976-c0dcf265", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a4a05ceffe8fad68b45de38fe2311bda619e76e2", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 102.0, "function_hash": "273019468839089125008702678892248274268" }, "target": { "file": "kernel/trace/trace_osnoise.c", "function": "stop_per_cpu_kthreads" } }, { "id": "CVE-2024-49976-e8ad02ea", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@09cb44cc3d3df7ade2cebc939d6257a2fa8afc7a", "deprecated": false, "signature_version": "v1", "signature_type": "Line", "digest": { "threshold": 0.9, "line_hashes": [ "287087296263210165550439809481829846554", "3105959329417466292565885938185342135", "135916186936626655219203788407691483038", "167581860214415103781238171364051891069", "189405555443313408293235159550722546734", "122561046196593665171748564125846074788", "154355781674748219897777602198604609382", "189523530503091302420885642013936905127", "245936980629868858475925381527166649831", 
"194161144732341633640981415493796483498", "51379866352297675914478700991920881778", "36851683316470279823756169767450316080", "44168415518483509610958071001663666877", "83921826443354288136729749453963187447", "76373344076634528226404759206819664131", "209130143449342575329626410629051153514", "199762329549931621270416488023907632192" ] }, "target": { "file": "kernel/trace/trace_osnoise.c" } }, { "id": "CVE-2024-49976-ec9073ab", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@db8571a9a098086608c11a15856ff585789e67e8", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 709.0, "function_hash": "190021531865813756446686171387660064469" }, "target": { "file": "kernel/trace/trace_osnoise.c", "function": "stop_kthread" } }, { "id": "CVE-2024-49976-ef4e66d9", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@09cb44cc3d3df7ade2cebc939d6257a2fa8afc7a", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 709.0, "function_hash": "190021531865813756446686171387660064469" }, "target": { "file": "kernel/trace/trace_osnoise.c", "function": "stop_kthread" } }, { "id": "CVE-2024-49976-fefcbed4", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@db8571a9a098086608c11a15856ff585789e67e8", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 102.0, "function_hash": "273019468839089125008702678892248274268" }, "target": { "file": "kernel/trace/trace_osnoise.c", "function": "stop_per_cpu_kthreads" } } ] }