CVE-2024-27023

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-27023
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-27023.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-27023
Published
2024-05-01T12:49:21.063Z
Modified
2025-11-28T02:35:19.826722Z
Summary
md: Fix missing release of 'active_io' for flush
Details

In the Linux kernel, the following vulnerability has been resolved:

md: Fix missing release of 'active_io' for flush

submit_flushes
 atomic_set(&mddev->flush_pending, 1);
 rdev_for_each_rcu(rdev, mddev)
  atomic_inc(&mddev->flush_pending);
  bi->bi_end_io = md_end_flush
  submit_bio(bi);
                        /* flush io is done first */
                        md_end_flush
                         if (atomic_dec_and_test(&mddev->flush_pending))
                          percpu_ref_put(&mddev->active_io)
                          -> active_io is not released

 if (atomic_dec_and_test(&mddev->flush_pending))
  -> missing release of active_io

As a consequence, mddev_suspend() will wait for 'active_io' to be zero forever.

Fix this problem by releasing 'active_io' in submit_flushes() if 'flush_pending' is decreased to zero.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/27xxx/CVE-2024-27023.json",
    "cna_assigner": "Linux"
}
Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f9f2d957a8ea93c73182aebf7de30935a58c027d
Fixed
6b2ff10390b19a2364af622b6666b690443f9f3f
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
530cec617f5a8ba6f26bcbf0d64d75c951d17730
Fixed
02dad157ba11064d073f5499dc33552b227d5d3a
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c4c2345214b66e2505a26fd2ea58839dd7a1d48d
Fixed
11f81438927f84edfaaeb5d5f10856c3a1c1fc82
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
fa2bbff7b0b4e211fec5e5686ef96350690597b5
Fixed
855678ed8534518e2b428bcbcec695de9ba248e8

Affected versions

v6.*

v6.1.75
v6.1.76
v6.1.77
v6.1.78
v6.1.79
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.7
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.2
v6.7.3
v6.7.4
v6.7.5
v6.7.6
v6.8-rc1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-27023.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.1.75
Fixed
6.1.80
Type
ECOSYSTEM
Events
Introduced
6.6.14
Fixed
6.6.19
Type
ECOSYSTEM
Events
Introduced
6.7.2
Fixed
6.7.7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-27023.json"