CVE-2024-50135
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-50135
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50135.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-50135
- Downstream
- Related
- Published
- 2024-11-05T17:10:59Z
- Modified
- 2025-10-17T15:49:14.079387Z
- Severity
-
- 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- nvme-pci: fix race condition between reset and nvme_dev_disable()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
nvme-pci: fix race condition between reset and nvmedevdisable()
nvmedevdisable() modifies the dev->onlinequeues field, therefore nvmepciupdatenrqueues() should avoid racing against it, otherwise we could end up passing invalid values to blkmqupdatenrhwqueues().
WARNING: CPU: 39 PID: 61303 at drivers/pci/msi/api.c:347 pciirqgetaffinity+0x187/0x210 Workqueue: nvme-reset-wq nvmeresetwork [nvme] RIP: 0010:pciirqgetaffinity+0x187/0x210 Call Trace: <TASK> ? blkmqpcimapqueues+0x87/0x3c0 ? pciirqgetaffinity+0x187/0x210 blkmqpcimapqueues+0x87/0x3c0 nvmepcimapqueues+0x189/0x460 [nvme] blkmqupdatenrhwqueues+0x2a/0x40 nvmereset_work+0x1be/0x2a0 [nvme]
Fix the bug by locking the shutdownlock mutex before using dev->onlinequeues. Give up if nvmedevdisable() is running or if it has been executed already.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced949928c1c731417cc0f070912c63878b62b544f4Fixed4ed32cc0939b64e3d7b48c8c0d63ea038775f304
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced949928c1c731417cc0f070912c63878b62b544f4Fixedb33e49a5f254474b33ce98fd45dd0ffdc247a0be
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced949928c1c731417cc0f070912c63878b62b544f4Fixed26bc0a81f64ce00fc4342c38eeb2eddaad084dd2
Affected versions
v4.*
v4.10
v4.10-rc1
v4.10-rc2
v4.10-rc3
v4.10-rc4
v4.10-rc5
v4.10-rc6
v4.10-rc7
v4.10-rc8
v4.11
v4.11-rc1
v4.11-rc2
v4.11-rc3
v4.11-rc4
v4.11-rc5
v4.11-rc6
v4.11-rc7
v4.11-rc8
v4.12
v4.12-rc1
v4.12-rc2
v4.12-rc3
v4.12-rc4
v4.12-rc5
v4.12-rc6
v4.12-rc7
v4.13
v4.13-rc1
v4.13-rc2
v4.13-rc3
v4.13-rc4
v4.13-rc5
v4.13-rc6
v4.13-rc7
v4.14
v4.14-rc1
v4.14-rc2
v4.14-rc3
v4.14-rc4
v4.14-rc5
v4.14-rc6
v4.14-rc7
v4.14-rc8
v4.15
v4.15-rc1
v4.15-rc2
v4.15-rc3
v4.15-rc4
v4.15-rc5
v4.15-rc6
v4.15-rc7
v4.15-rc8
v4.15-rc9
v4.16
v4.16-rc1
v4.16-rc2
v4.16-rc3
v4.16-rc4
v4.16-rc5
v4.16-rc6
v4.16-rc7
v4.17
v4.17-rc1
v4.17-rc2
v4.17-rc3
v4.17-rc4
v4.17-rc5
v4.17-rc6
v4.17-rc7
v4.18
v4.18-rc1
v4.18-rc2
v4.18-rc3
v4.18-rc4
v4.18-rc5
v4.18-rc6
v4.18-rc7
v4.18-rc8
v4.19
v4.19-rc1
v4.19-rc2
v4.19-rc3
v4.19-rc4
v4.19-rc5
v4.19-rc6
v4.19-rc7
v4.19-rc8
v4.20
v4.20-rc1
v4.20-rc2
v4.20-rc3
v4.20-rc4
v4.20-rc5
v4.20-rc6
v4.20-rc7
v4.5
v4.5-rc3
v4.5-rc4
v4.5-rc5
v4.5-rc6
v4.5-rc7
v4.6
v4.6-rc1
v4.6-rc2
v4.6-rc3
v4.6-rc4
v4.6-rc5
v4.6-rc6
v4.6-rc7
v4.7
v4.7-rc1
v4.7-rc2
v4.7-rc3
v4.7-rc4
v4.7-rc5
v4.7-rc6
v4.7-rc7
v4.8
v4.8-rc1
v4.8-rc2
v4.8-rc3
v4.8-rc4
v4.8-rc5
v4.8-rc6
v4.8-rc7
v4.8-rc8
v4.9
v4.9-rc1
v4.9-rc2
v4.9-rc3
v4.9-rc4
v4.9-rc5
v4.9-rc6
v4.9-rc7
v4.9-rc8
v5.*
v5.0
v5.0-rc1
v5.0-rc2
v5.0-rc3
v5.0-rc4
v5.0-rc5
v5.0-rc6
v5.0-rc7
v5.0-rc8
v5.1
v5.1-rc1
v5.1-rc2
v5.1-rc3
v5.1-rc4
v5.1-rc5
v5.1-rc6
v5.1-rc7
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.2
v5.2-rc1
v5.2-rc2
v5.2-rc3
v5.2-rc4
v5.2-rc5
v5.2-rc6
v5.2-rc7
v5.3
v5.3-rc1
v5.3-rc2
v5.3-rc3
v5.3-rc4
v5.3-rc5
v5.3-rc6
v5.3-rc7
v5.3-rc8
v5.4
v5.4-rc1
v5.4-rc2
v5.4-rc3
v5.4-rc4
v5.4-rc5
v5.4-rc6
v5.4-rc7
v5.4-rc8
v5.5
v5.5-rc1
v5.5-rc2
v5.5-rc3
v5.5-rc4
v5.5-rc5
v5.5-rc6
v5.5-rc7
v5.6
v5.6-rc1
v5.6-rc2
v5.6-rc3
v5.6-rc4
v5.6-rc5
v5.6-rc6
v5.6-rc7
v5.7
v5.7-rc1
v5.7-rc2
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.2
v6.11.3
v6.11.4
v6.11.5
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ed32cc0939b64e3d7b48c8c0d63ea038775f304",
"signature_version": "v1",
"target": {
"function": "nvme_pci_update_nr_queues",
"file": "drivers/nvme/host/pci.c"
},
"digest": {
"function_hash": "183511437039881974944541127158812179739",
"length": 303.0
},
"id": "CVE-2024-50135-0fc5f77b"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@26bc0a81f64ce00fc4342c38eeb2eddaad084dd2",
"signature_version": "v1",
"target": {
"function": "nvme_reset_work",
"file": "drivers/nvme/host/pci.c"
},
"digest": {
"function_hash": "194929219216042870368982919622055608962",
"length": 1899.0
},
"id": "CVE-2024-50135-197cf646"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ed32cc0939b64e3d7b48c8c0d63ea038775f304",
"signature_version": "v1",
"target": {
"function": "nvme_reset_work",
"file": "drivers/nvme/host/pci.c"
},
"digest": {
"function_hash": "194929219216042870368982919622055608962",
"length": 1899.0
},
"id": "CVE-2024-50135-75bf43dc"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b33e49a5f254474b33ce98fd45dd0ffdc247a0be",
"signature_version": "v1",
"target": {
"file": "drivers/nvme/host/pci.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"100793753130933420763870905715716487392",
"84665131326353228220951446890364453305",
"263529434137594965683731580863477571",
"289198149646499840910249350573584016740",
"43275991414643697542057013168777333061",
"173014259828206115711873157347850708089",
"310955255081390976969514549086526884500",
"323894695912889801282168060207741043655",
"163308389544247816709754833085789136419",
"46084956579983049068469703505889468951",
"53782194263553131075619640386465536876",
"14804028797716929479377814864725185099",
"221087197936890604288438650974337447077",
"223528928606307207697514480042035466324",
"319046128009951869641025714954890069988",
"297639704791775581725414720892851030162"
]
},
"id": "CVE-2024-50135-93f1039a"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@26bc0a81f64ce00fc4342c38eeb2eddaad084dd2",
"signature_version": "v1",
"target": {
"function": "nvme_pci_update_nr_queues",
"file": "drivers/nvme/host/pci.c"
},
"digest": {
"function_hash": "183511437039881974944541127158812179739",
"length": 303.0
},
"id": "CVE-2024-50135-abe849fa"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ed32cc0939b64e3d7b48c8c0d63ea038775f304",
"signature_version": "v1",
"target": {
"file": "drivers/nvme/host/pci.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"100793753130933420763870905715716487392",
"84665131326353228220951446890364453305",
"263529434137594965683731580863477571",
"289198149646499840910249350573584016740",
"43275991414643697542057013168777333061",
"173014259828206115711873157347850708089",
"310955255081390976969514549086526884500",
"323894695912889801282168060207741043655",
"163308389544247816709754833085789136419",
"46084956579983049068469703505889468951",
"53782194263553131075619640386465536876",
"14804028797716929479377814864725185099",
"221087197936890604288438650974337447077",
"223528928606307207697514480042035466324",
"319046128009951869641025714954890069988",
"297639704791775581725414720892851030162"
]
},
"id": "CVE-2024-50135-ba619aac"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@26bc0a81f64ce00fc4342c38eeb2eddaad084dd2",
"signature_version": "v1",
"target": {
"file": "drivers/nvme/host/pci.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"100793753130933420763870905715716487392",
"84665131326353228220951446890364453305",
"263529434137594965683731580863477571",
"289198149646499840910249350573584016740",
"43275991414643697542057013168777333061",
"173014259828206115711873157347850708089",
"310955255081390976969514549086526884500",
"323894695912889801282168060207741043655",
"163308389544247816709754833085789136419",
"46084956579983049068469703505889468951",
"53782194263553131075619640386465536876",
"14804028797716929479377814864725185099",
"221087197936890604288438650974337447077",
"223528928606307207697514480042035466324",
"319046128009951869641025714954890069988",
"297639704791775581725414720892851030162"
]
},
"id": "CVE-2024-50135-d40bc40f"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b33e49a5f254474b33ce98fd45dd0ffdc247a0be",
"signature_version": "v1",
"target": {
"function": "nvme_reset_work",
"file": "drivers/nvme/host/pci.c"
},
"digest": {
"function_hash": "194929219216042870368982919622055608962",
"length": 1899.0
},
"id": "CVE-2024-50135-e78d4cf9"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b33e49a5f254474b33ce98fd45dd0ffdc247a0be",
"signature_version": "v1",
"target": {
"function": "nvme_pci_update_nr_queues",
"file": "drivers/nvme/host/pci.c"
},
"digest": {
"function_hash": "183511437039881974944541127158812179739",
"length": 303.0
},
"id": "CVE-2024-50135-ea8116c3"
}
]