Description

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix race condition between reset and nvme_dev_disable() nvme_dev_disable() modifies the dev->online_queues field, therefore nvme_pci_update_nr_queues() should avoid racing against it, otherwise we could end up passing invalid values to blk_mq_update_nr_hw_queues(). WARNING: CPU: 39 PID: 61303 at drivers/pci/msi/api.c:347 pci_irq_get_affinity+0x187/0x210 Workqueue: nvme-reset-wq nvme_reset_work [nvme] RIP: 0010:pci_irq_get_affinity+0x187/0x210 Call Trace: <TASK> ? blk_mq_pci_map_queues+0x87/0x3c0 ? pci_irq_get_affinity+0x187/0x210 blk_mq_pci_map_queues+0x87/0x3c0 nvme_pci_map_queues+0x189/0x460 [nvme] blk_mq_update_nr_hw_queues+0x2a/0x40 nvme_reset_work+0x1be/0x2a0 [nvme] Fix the bug by locking the shutdown_lock mutex before using dev->online_queues. Give up if nvme_dev_disable() is running or if it has been executed already.

INFO

Published Date :

2024-11-05T17:10:59.591Z

Last Modified :

2025-10-01T20:27:14.820Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-50135 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-50135.

URL Resource
https://git.kernel.org/stable/c/26bc0a81f64ce00fc4342c38eeb2eddaad084dd2 cve-icon cve-icon
https://git.kernel.org/stable/c/4ed32cc0939b64e3d7b48c8c0d63ea038775f304 cve-icon cve-icon
https://git.kernel.org/stable/c/b33e49a5f254474b33ce98fd45dd0ffdc247a0be cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024110559-CVE-2024-50135-d177@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-50135 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-50135 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact