CVE-2024-38582
- Source
- https://cve.org/CVERecord?id=CVE-2024-38582
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38582.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-38582
- Downstream
- Related
- Published
- 2024-06-19T13:37:39.163Z
- Modified
- 2026-03-20T12:37:08.417564Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- nilfs2: fix potential hang in nilfs_detach_log_writer()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix potential hang in nilfsdetachlog_writer()
Syzbot has reported a potential hang in nilfsdetachlog_writer() called during nilfs2 unmount.
Analysis revealed that this is because nilfssegctorsync(), which synchronizes with the log writer thread, can be called after nilfssegctordestroy() terminates that thread, as shown in the call trace below:
nilfsdetachlogwriter nilfssegctordestroy nilfssegctorkillthread --> Shut down log writer thread flushwork nilfsiputworkfunc nilfsdisposelist iput nilfsevictinode nilfstransactioncommit nilfsconstructsegment (if inode needs sync) nilfssegctorsync --> Attempt to synchronize with log writer thread *** DEADLOCK ***
Fix this issue by changing nilfssegctorsync() so that the log writer thread returns normally without synchronizing after it terminates, and by forcing tasks that are already waiting to complete once after the thread terminates.
The skipped inode metadata flushout will then be processed together in the subsequent cleanup work in nilfssegctordestroy().
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38582.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/06afce714d87c7cd1dcfccbcd800c5c5d2cf1cfd
- https://git.kernel.org/stable/c/1c3844c5f4eac043954ebf6403fa9fd1f0e9c1c0
- https://git.kernel.org/stable/c/6e5c8e8e024e147b834f56f2115aad241433679b
- https://git.kernel.org/stable/c/911d38be151921a5d152bb55e81fd752384c6830
- https://git.kernel.org/stable/c/a8799662fed1f8747edae87a1937549288baca6a
- https://git.kernel.org/stable/c/bc9cee50a4a4ca23bdc49f75ea8242d8a2193b3b
- https://git.kernel.org/stable/c/c516db6ab9eabbedbc430b4f93b0d8728e9b427f
- https://git.kernel.org/stable/c/eb85dace897c5986bc2f36b3c783c6abb8a4292e
- https://git.kernel.org/stable/c/eff7cdf890b02596b8d73e910bdbdd489175dbdb
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38582.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-38582
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced7ef3ff2fea8bf5e4a21cef47ad87710a3d0fdb52Fixed911d38be151921a5d152bb55e81fd752384c6830Fixedbc9cee50a4a4ca23bdc49f75ea8242d8a2193b3bFixedeff7cdf890b02596b8d73e910bdbdd489175dbdbFixed06afce714d87c7cd1dcfccbcd800c5c5d2cf1cfdFixed1c3844c5f4eac043954ebf6403fa9fd1f0e9c1c0Fixeda8799662fed1f8747edae87a1937549288baca6aFixed6e5c8e8e024e147b834f56f2115aad241433679bFixedc516db6ab9eabbedbc430b4f93b0d8728e9b427fFixedeb85dace897c5986bc2f36b3c783c6abb8a4292e
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedc23f3a9fa7826af0465b9408b186f6b555991890Last affected28cd54f27d309bd65db8ff4b8e6275345287484cLast affectedec7cae16b37ab478d6d7e33e8563b24ca189e6cfLast affectedd26f2dfa556323787ee1ebd5d03aeaa8650c7404Last affected52e87609d9d3ea34cadb5676e8ea85d025ac9632Last affected7bb9e4a06e12583f1418b669dc45bb3ee84496c6