vulnerability

Ubuntu: (Multiple Advisories) (CVE-2024-50079): Linux kernel vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	2024-10-29	2025-02-20	2025-03-03

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

2024-10-29

Added

2025-02-20

Modified

2025-03-03

Description

In the Linux kernel, the following vulnerability has been resolved:

io_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work

When the sqpoll is exiting and cancels pending work items, it may need
to run task_work. If this happens from within io_uring_cancel_generic(),
then it may be under waiting for the io_uring_task waitqueue. This
results in the below splat from the scheduler, as the ring mutex may be
attempted grabbed while in a TASK_INTERRUPTIBLE state.

Ensure that the task state is set appropriately for that, just like what
is done for the other cases in io_run_task_work().

do not call blocking ops when !TASK_RUNNING; state=1 set at [] prepare_to_wait+0x88/0x2fc
WARNING: CPU: 6 PID: 59939 at kernel/sched/core.c:8561 __might_sleep+0xf4/0x140
Modules linked in:
CPU: 6 UID: 0 PID: 59939 Comm: iou-sqp-59938 Not tainted 6.12.0-rc3-00113-g8d020023b155 #7456
Hardware name: linux,dummy-virt (DT)
pstate: 61400005 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
pc : __might_sleep+0xf4/0x140
lr : __might_sleep+0xf4/0x140
sp : ffff80008c5e7830
x29: ffff80008c5e7830 x28: ffff0000d93088c0 x27: ffff60001c2d7230
x26: dfff800000000000 x25: ffff0000e16b9180 x24: ffff80008c5e7a50
x23: 1ffff000118bcf4a x22: ffff0000e16b9180 x21: ffff0000e16b9180
x20: 000000000000011b x19: ffff80008310fac0 x18: 1ffff000118bcd90
x17: 30303c5b20746120 x16: 74657320313d6574 x15: 0720072007200720
x14: 0720072007200720 x13: 0720072007200720 x12: ffff600036c64f0b
x11: 1fffe00036c64f0a x10: ffff600036c64f0a x9 : dfff800000000000
x8 : 00009fffc939b0f6 x7 : ffff0001b6327853 x6 : 0000000000000001
x5 : ffff0001b6327850 x4 : ffff600036c64f0b x3 : ffff8000803c35bc
x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000e16b9180
Call trace:
__might_sleep+0xf4/0x140
mutex_lock+0x84/0x124
io_handle_tw_list+0xf4/0x260
tctx_task_work_run+0x94/0x340
io_run_task_work+0x1ec/0x3c0
io_uring_cancel_generic+0x364/0x524
io_sq_thread+0x820/0x124c
ret_from_fork+0x10/0x20

Solution(s)

ubuntu-upgrade-linux-image-6-11-0-1005-realtimeubuntu-upgrade-linux-image-6-11-0-1008-raspiubuntu-upgrade-linux-image-6-11-0-1009-awsubuntu-upgrade-linux-image-6-11-0-1009-azureubuntu-upgrade-linux-image-6-11-0-1009-azure-fdeubuntu-upgrade-linux-image-6-11-0-1009-gcpubuntu-upgrade-linux-image-6-11-0-1010-lowlatencyubuntu-upgrade-linux-image-6-11-0-1010-lowlatency-64kubuntu-upgrade-linux-image-6-11-0-1011-oracleubuntu-upgrade-linux-image-6-11-0-1011-oracle-64kubuntu-upgrade-linux-image-6-11-0-1015-oemubuntu-upgrade-linux-image-6-11-0-18-genericubuntu-upgrade-linux-image-6-11-0-18-generic-64kubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-fdeubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-hwe-24-04ubuntu-upgrade-linux-image-generic-hwe-24-04ubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-64kubuntu-upgrade-linux-image-oem-24-04ubuntu-upgrade-linux-image-oem-24-04aubuntu-upgrade-linux-image-oem-24-04bubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-64kubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-realtimeubuntu-upgrade-linux-image-realtime-hwe-24-04ubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-24-04

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today