CVE-2024-50014

INFO: trying to register non-static key. The code is fine but needs lockdep annotation, or maybe you didn't initialize this object before use? turning off the locking correctness validator. CPU: 0 PID: 866 Comm: mount Not tainted 6.10.0+ #11 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014 Call Trace: <TASK> dumpstacklvl+0x66/0x90 registerlockclass+0x759/0x7d0 _lockacquire+0x85/0x2630 ? _findgetblock+0xb4/0x380 lockacquire+0xd1/0x2d0 ? _ext4journalgetwriteaccess+0xd5/0x160 _rawspinlock+0x33/0x40 ? _ext4journalgetwriteaccess+0xd5/0x160 _ext4journalgetwriteaccess+0xd5/0x160 ext4reserveinodewrite+0x61/0xb0 _ext4markinodedirty+0x79/0x270 ? ext4extreplaysetiblocks+0x2f8/0x450 ext4extreplaysetiblocks+0x330/0x450 ext4fcreplay+0x14c8/0x1540 ? jread+0x88/0x2e0 ? rcuiswatching+0x11/0x40 doonepass+0x447/0xd00 jbd2journalrecover+0x139/0x1b0 jbd2journalload+0x96/0x390 ext4loadandinitjournal+0x253/0xd40 ext4fillsuper+0x2cc6/0x3180 ...

In the replay path there's an attempt to lock sbi->sbdevwblock in function ext4checkbdevwriteerror(). Unfortunately, at this point this spinlock has not been initialized yet. Moving it's initialization to an earlier point in _ext4fillsuper() fixes this splat.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50014.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

01efe93a5aa20a19b390426718dc214898a7c2ec

Fixed

6e35f560daebe40264c95e9a1ab03110d4997df6

Fixed

d157fc20ca5239fd56965a5a8aa1a0e25919891a

Fixed

b002031d585a14eed511117dda8c6452a804d508

Fixed

23dfdb56581ad92a9967bcd720c8c23356af74c1

Affected versions

v6.*

v6.10

v6.10-rc1

v6.10-rc2

v6.10-rc3

v6.10-rc4

v6.10-rc5

v6.10-rc6

v6.10-rc7

v6.10.1

v6.10.10

v6.10.11

v6.10.12

v6.10.13

v6.10.2

v6.10.3

v6.10.4

v6.10.5

v6.10.6

v6.10.7

v6.10.8

v6.10.9

v6.11

v6.11-rc1

v6.11-rc2

v6.11-rc3

v6.11-rc4

v6.11-rc5

v6.11-rc6

v6.11-rc7

v6.11.1

v6.11.2

v6.5

v6.5-rc2

v6.5-rc3

v6.5-rc4

v6.5-rc5

v6.5-rc6

v6.5-rc7

v6.6

v6.6-rc1

v6.6-rc2

v6.6-rc3

v6.6-rc4

v6.6-rc5

v6.6-rc6

v6.6-rc7

v6.6.1

v6.6.10

v6.6.11

v6.6.12

v6.6.13

v6.6.14

v6.6.15

v6.6.16

v6.6.17

v6.6.18

v6.6.19

v6.6.2

v6.6.20

v6.6.21

v6.6.22

v6.6.23

v6.6.24

v6.6.25

v6.6.26

v6.6.27

v6.6.28

v6.6.29

v6.6.3

v6.6.30

v6.6.31

v6.6.32

v6.6.33

v6.6.34

v6.6.35

v6.6.36

v6.6.37

v6.6.38

v6.6.39

v6.6.4

v6.6.40

v6.6.41

v6.6.42

v6.6.43

v6.6.44

v6.6.45

v6.6.46

v6.6.47

v6.6.48

v6.6.49

v6.6.5

v6.6.50

v6.6.51

v6.6.52

v6.6.53

v6.6.54

v6.6.55

v6.6.56

v6.6.57

v6.6.58

v6.6.59

v6.6.6

v6.6.60

v6.6.61

v6.6.62

v6.6.63

v6.6.64

v6.6.65

v6.6.66

v6.6.67

v6.6.68

v6.6.69

v6.6.7

v6.6.70

v6.6.71

v6.6.72

v6.6.73

v6.6.74

v6.6.8

v6.6.9

v6.7

v6.7-rc1

v6.7-rc2

v6.7-rc3

v6.7-rc4

v6.7-rc5

v6.7-rc6

v6.7-rc7

v6.7-rc8

v6.8

v6.8-rc1

v6.8-rc2

v6.8-rc3

v6.8-rc4

v6.8-rc5

v6.8-rc6

v6.8-rc7

v6.9

v6.9-rc1

v6.9-rc2

v6.9-rc3

v6.9-rc4

v6.9-rc5

v6.9-rc6

v6.9-rc7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50014.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.6.0

Fixed

6.6.75

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.10.14

Type: ECOSYSTEM
Events: Introduced

6.11.0

Fixed

6.11.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50014.json"