CVE-2024-26880
Vulnerability from cvelistv5
Published
2024-04-17 10:27
Modified
2024-12-19 08:49
Summary
In the Linux kernel, the following vulnerability has been resolved: dm: call the resume method on internal suspend There is this reported crash when experimenting with the lvm2 testsuite. The list corruption is caused by the fact that the postsuspend and resume methods were not paired correctly; there were two consecutive calls to the origin_postsuspend function. The second call attempts to remove the "hash_list" entry from a list, while it was already removed by the first call. Fix __dm_internal_resume so that it calls the preresume and resume methods of the table's targets. If a preresume method of some target fails, we are in a tricky situation. We can't return an error because dm_internal_resume isn't supposed to return errors. We can't return success, because then the "resume" and "postsuspend" methods would not be paired correctly. So, we set the DMF_SUSPENDED flag and we fake normal suspend - it may confuse userspace tools, but it won't cause a kernel crash. ------------[ cut here ]------------ kernel BUG at lib/list_debug.c:56! invalid opcode: 0000 [#1] PREEMPT SMP CPU: 1 PID: 8343 Comm: dmsetup Not tainted 6.8.0-rc6 #4 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014 RIP: 0010:__list_del_entry_valid_or_report+0x77/0xc0 <snip> RSP: 0018:ffff8881b831bcc0 EFLAGS: 00010282 RAX: 000000000000004e RBX: ffff888143b6eb80 RCX: 0000000000000000 RDX: 0000000000000001 RSI: ffffffff819053d0 RDI: 00000000ffffffff RBP: ffff8881b83a3400 R08: 00000000fffeffff R09: 0000000000000058 R10: 0000000000000000 R11: ffffffff81a24080 R12: 0000000000000001 R13: ffff88814538e000 R14: ffff888143bc6dc0 R15: ffffffffa02e4bb0 FS: 00000000f7c0f780(0000) GS:ffff8893f0a40000(0000) knlGS:0000000000000000 CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 CR2: 0000000057fb5000 CR3: 0000000143474000 CR4: 00000000000006b0 Call Trace: <TASK> ? die+0x2d/0x80 ? do_trap+0xeb/0xf0 ? __list_del_entry_valid_or_report+0x77/0xc0 ? do_error_trap+0x60/0x80 ? __list_del_entry_valid_or_report+0x77/0xc0 ? exc_invalid_op+0x49/0x60 ? __list_del_entry_valid_or_report+0x77/0xc0 ? asm_exc_invalid_op+0x16/0x20 ? table_deps+0x1b0/0x1b0 [dm_mod] ? __list_del_entry_valid_or_report+0x77/0xc0 origin_postsuspend+0x1a/0x50 [dm_snapshot] dm_table_postsuspend_targets+0x34/0x50 [dm_mod] dm_suspend+0xd8/0xf0 [dm_mod] dev_suspend+0x1f2/0x2f0 [dm_mod] ? table_deps+0x1b0/0x1b0 [dm_mod] ctl_ioctl+0x300/0x5f0 [dm_mod] dm_compat_ctl_ioctl+0x7/0x10 [dm_mod] __x64_compat_sys_ioctl+0x104/0x170 do_syscall_64+0x184/0x1b0 entry_SYSCALL_64_after_hwframe+0x46/0x4e RIP: 0033:0xf7e6aead <snip> ---[ end trace 0000000000000000 ]---
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/03ad5ad53e51abf3a4c7538c1bc67a5982b41dc5
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/15a3fc5c8774c17589dabfe1d642d40685c985af
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/360a7d1be8112654f1fb328ed3862be630bca3f4
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/65e8fbde64520001abf1c8d0e573561b4746ef38
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/69836d9329f0b4c58faaf3d886a7748ddb5bf718
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ad10289f68f45649816cc68eb93f45fd5ec48a15
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/da7ece2197101b1469853e6b5e915be1e3896d52
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ef02d8edf738557af2865c5bfb66a03c4e071be7
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/f89bd27709376d37ff883067193320c58a8c1d5a
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/03ad5ad53e51abf3a4c7538c1bc67a5982b41dc5
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/15a3fc5c8774c17589dabfe1d642d40685c985af
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/360a7d1be8112654f1fb328ed3862be630bca3f4
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/65e8fbde64520001abf1c8d0e573561b4746ef38
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/69836d9329f0b4c58faaf3d886a7748ddb5bf718
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/ad10289f68f45649816cc68eb93f45fd5ec48a15
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/da7ece2197101b1469853e6b5e915be1e3896d52
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/ef02d8edf738557af2865c5bfb66a03c4e071be7
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/f89bd27709376d37ff883067193320c58a8c1d5a
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Impacted products
Vendor Product Version
Linux Linux Version: 3.19
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 6.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-26880",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-16T18:04:34.890631Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-01T17:18:07.417Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:21:04.209Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/69836d9329f0b4c58faaf3d886a7748ddb5bf718"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/da7ece2197101b1469853e6b5e915be1e3896d52"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f89bd27709376d37ff883067193320c58a8c1d5a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/03ad5ad53e51abf3a4c7538c1bc67a5982b41dc5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ad10289f68f45649816cc68eb93f45fd5ec48a15"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/15a3fc5c8774c17589dabfe1d642d40685c985af"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ef02d8edf738557af2865c5bfb66a03c4e071be7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/360a7d1be8112654f1fb328ed3862be630bca3f4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/65e8fbde64520001abf1c8d0e573561b4746ef38"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/md/dm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "69836d9329f0b4c58faaf3d886a7748ddb5bf718",
              "status": "affected",
              "version": "ffcc39364160663cda1a3c358f4537302a92459b",
              "versionType": "git"
            },
            {
              "lessThan": "da7ece2197101b1469853e6b5e915be1e3896d52",
              "status": "affected",
              "version": "ffcc39364160663cda1a3c358f4537302a92459b",
              "versionType": "git"
            },
            {
              "lessThan": "f89bd27709376d37ff883067193320c58a8c1d5a",
              "status": "affected",
              "version": "ffcc39364160663cda1a3c358f4537302a92459b",
              "versionType": "git"
            },
            {
              "lessThan": "03ad5ad53e51abf3a4c7538c1bc67a5982b41dc5",
              "status": "affected",
              "version": "ffcc39364160663cda1a3c358f4537302a92459b",
              "versionType": "git"
            },
            {
              "lessThan": "ad10289f68f45649816cc68eb93f45fd5ec48a15",
              "status": "affected",
              "version": "ffcc39364160663cda1a3c358f4537302a92459b",
              "versionType": "git"
            },
            {
              "lessThan": "15a3fc5c8774c17589dabfe1d642d40685c985af",
              "status": "affected",
              "version": "ffcc39364160663cda1a3c358f4537302a92459b",
              "versionType": "git"
            },
            {
              "lessThan": "ef02d8edf738557af2865c5bfb66a03c4e071be7",
              "status": "affected",
              "version": "ffcc39364160663cda1a3c358f4537302a92459b",
              "versionType": "git"
            },
            {
              "lessThan": "360a7d1be8112654f1fb328ed3862be630bca3f4",
              "status": "affected",
              "version": "ffcc39364160663cda1a3c358f4537302a92459b",
              "versionType": "git"
            },
            {
              "lessThan": "65e8fbde64520001abf1c8d0e573561b4746ef38",
              "status": "affected",
              "version": "ffcc39364160663cda1a3c358f4537302a92459b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/md/dm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.19"
            },
            {
              "lessThan": "3.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.311",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.273",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.214",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.83",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.23",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: call the resume method on internal suspend\n\nThere is this reported crash when experimenting with the lvm2 testsuite.\nThe list corruption is caused by the fact that the postsuspend and resume\nmethods were not paired correctly; there were two consecutive calls to the\norigin_postsuspend function. The second call attempts to remove the\n\"hash_list\" entry from a list, while it was already removed by the first\ncall.\n\nFix __dm_internal_resume so that it calls the preresume and resume\nmethods of the table\u0027s targets.\n\nIf a preresume method of some target fails, we are in a tricky situation.\nWe can\u0027t return an error because dm_internal_resume isn\u0027t supposed to\nreturn errors. We can\u0027t return success, because then the \"resume\" and\n\"postsuspend\" methods would not be paired correctly. So, we set the\nDMF_SUSPENDED flag and we fake normal suspend - it may confuse userspace\ntools, but it won\u0027t cause a kernel crash.\n\n------------[ cut here ]------------\nkernel BUG at lib/list_debug.c:56!\ninvalid opcode: 0000 [#1] PREEMPT SMP\nCPU: 1 PID: 8343 Comm: dmsetup Not tainted 6.8.0-rc6 #4\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014\nRIP: 0010:__list_del_entry_valid_or_report+0x77/0xc0\n\u003csnip\u003e\nRSP: 0018:ffff8881b831bcc0 EFLAGS: 00010282\nRAX: 000000000000004e RBX: ffff888143b6eb80 RCX: 0000000000000000\nRDX: 0000000000000001 RSI: ffffffff819053d0 RDI: 00000000ffffffff\nRBP: ffff8881b83a3400 R08: 00000000fffeffff R09: 0000000000000058\nR10: 0000000000000000 R11: ffffffff81a24080 R12: 0000000000000001\nR13: ffff88814538e000 R14: ffff888143bc6dc0 R15: ffffffffa02e4bb0\nFS:  00000000f7c0f780(0000) GS:ffff8893f0a40000(0000) knlGS:0000000000000000\nCS:  0010 DS: 002b ES: 002b CR0: 0000000080050033\nCR2: 0000000057fb5000 CR3: 0000000143474000 CR4: 00000000000006b0\nCall Trace:\n \u003cTASK\u003e\n ? die+0x2d/0x80\n ? do_trap+0xeb/0xf0\n ? __list_del_entry_valid_or_report+0x77/0xc0\n ? do_error_trap+0x60/0x80\n ? __list_del_entry_valid_or_report+0x77/0xc0\n ? exc_invalid_op+0x49/0x60\n ? __list_del_entry_valid_or_report+0x77/0xc0\n ? asm_exc_invalid_op+0x16/0x20\n ? table_deps+0x1b0/0x1b0 [dm_mod]\n ? __list_del_entry_valid_or_report+0x77/0xc0\n origin_postsuspend+0x1a/0x50 [dm_snapshot]\n dm_table_postsuspend_targets+0x34/0x50 [dm_mod]\n dm_suspend+0xd8/0xf0 [dm_mod]\n dev_suspend+0x1f2/0x2f0 [dm_mod]\n ? table_deps+0x1b0/0x1b0 [dm_mod]\n ctl_ioctl+0x300/0x5f0 [dm_mod]\n dm_compat_ctl_ioctl+0x7/0x10 [dm_mod]\n __x64_compat_sys_ioctl+0x104/0x170\n do_syscall_64+0x184/0x1b0\n entry_SYSCALL_64_after_hwframe+0x46/0x4e\nRIP: 0033:0xf7e6aead\n\u003csnip\u003e\n---[ end trace 0000000000000000 ]---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T08:49:17.919Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/69836d9329f0b4c58faaf3d886a7748ddb5bf718"
        },
        {
          "url": "https://git.kernel.org/stable/c/da7ece2197101b1469853e6b5e915be1e3896d52"
        },
        {
          "url": "https://git.kernel.org/stable/c/f89bd27709376d37ff883067193320c58a8c1d5a"
        },
        {
          "url": "https://git.kernel.org/stable/c/03ad5ad53e51abf3a4c7538c1bc67a5982b41dc5"
        },
        {
          "url": "https://git.kernel.org/stable/c/ad10289f68f45649816cc68eb93f45fd5ec48a15"
        },
        {
          "url": "https://git.kernel.org/stable/c/15a3fc5c8774c17589dabfe1d642d40685c985af"
        },
        {
          "url": "https://git.kernel.org/stable/c/ef02d8edf738557af2865c5bfb66a03c4e071be7"
        },
        {
          "url": "https://git.kernel.org/stable/c/360a7d1be8112654f1fb328ed3862be630bca3f4"
        },
        {
          "url": "https://git.kernel.org/stable/c/65e8fbde64520001abf1c8d0e573561b4746ef38"
        }
      ],
      "title": "dm: call the resume method on internal suspend",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-26880",
    "datePublished": "2024-04-17T10:27:37.110Z",
    "dateReserved": "2024-02-19T14:20:24.185Z",
    "dateUpdated": "2024-12-19T08:49:17.919Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-26880\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-04-17T11:15:09.963\",\"lastModified\":\"2024-11-21T09:03:16.923\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndm: call the resume method on internal suspend\\n\\nThere is this reported crash when experimenting with the lvm2 testsuite.\\nThe list corruption is caused by the fact that the postsuspend and resume\\nmethods were not paired correctly; there were two consecutive calls to the\\norigin_postsuspend function. The second call attempts to remove the\\n\\\"hash_list\\\" entry from a list, while it was already removed by the first\\ncall.\\n\\nFix __dm_internal_resume so that it calls the preresume and resume\\nmethods of the table\u0027s targets.\\n\\nIf a preresume method of some target fails, we are in a tricky situation.\\nWe can\u0027t return an error because dm_internal_resume isn\u0027t supposed to\\nreturn errors. We can\u0027t return success, because then the \\\"resume\\\" and\\n\\\"postsuspend\\\" methods would not be paired correctly. So, we set the\\nDMF_SUSPENDED flag and we fake normal suspend - it may confuse userspace\\ntools, but it won\u0027t cause a kernel crash.\\n\\n------------[ cut here ]------------\\nkernel BUG at lib/list_debug.c:56!\\ninvalid opcode: 0000 [#1] PREEMPT SMP\\nCPU: 1 PID: 8343 Comm: dmsetup Not tainted 6.8.0-rc6 #4\\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014\\nRIP: 0010:__list_del_entry_valid_or_report+0x77/0xc0\\n\u003csnip\u003e\\nRSP: 0018:ffff8881b831bcc0 EFLAGS: 00010282\\nRAX: 000000000000004e RBX: ffff888143b6eb80 RCX: 0000000000000000\\nRDX: 0000000000000001 RSI: ffffffff819053d0 RDI: 00000000ffffffff\\nRBP: ffff8881b83a3400 R08: 00000000fffeffff R09: 0000000000000058\\nR10: 0000000000000000 R11: ffffffff81a24080 R12: 0000000000000001\\nR13: ffff88814538e000 R14: ffff888143bc6dc0 R15: ffffffffa02e4bb0\\nFS:  00000000f7c0f780(0000) GS:ffff8893f0a40000(0000) knlGS:0000000000000000\\nCS:  0010 DS: 002b ES: 002b CR0: 0000000080050033\\nCR2: 0000000057fb5000 CR3: 0000000143474000 CR4: 00000000000006b0\\nCall Trace:\\n \u003cTASK\u003e\\n ? die+0x2d/0x80\\n ? do_trap+0xeb/0xf0\\n ? __list_del_entry_valid_or_report+0x77/0xc0\\n ? do_error_trap+0x60/0x80\\n ? __list_del_entry_valid_or_report+0x77/0xc0\\n ? exc_invalid_op+0x49/0x60\\n ? __list_del_entry_valid_or_report+0x77/0xc0\\n ? asm_exc_invalid_op+0x16/0x20\\n ? table_deps+0x1b0/0x1b0 [dm_mod]\\n ? __list_del_entry_valid_or_report+0x77/0xc0\\n origin_postsuspend+0x1a/0x50 [dm_snapshot]\\n dm_table_postsuspend_targets+0x34/0x50 [dm_mod]\\n dm_suspend+0xd8/0xf0 [dm_mod]\\n dev_suspend+0x1f2/0x2f0 [dm_mod]\\n ? table_deps+0x1b0/0x1b0 [dm_mod]\\n ctl_ioctl+0x300/0x5f0 [dm_mod]\\n dm_compat_ctl_ioctl+0x7/0x10 [dm_mod]\\n __x64_compat_sys_ioctl+0x104/0x170\\n do_syscall_64+0x184/0x1b0\\n entry_SYSCALL_64_after_hwframe+0x46/0x4e\\nRIP: 0033:0xf7e6aead\\n\u003csnip\u003e\\n---[ end trace 0000000000000000 ]---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: dm: llamar al m\u00e9todo de reanudaci\u00f3n en suspensi\u00f3n interna. Se inform\u00f3 este bloqueo al experimentar con el conjunto de pruebas lvm2. La corrupci\u00f3n de la lista se debe al hecho de que los m\u00e9todos de possuspensi\u00f3n y reanudaci\u00f3n no se emparejaron correctamente; hubo dos llamadas consecutivas a la funci\u00f3n origin_postsuspend. La segunda llamada intenta eliminar la entrada \\\"hash_list\\\" de una lista, mientras que la primera llamada ya la elimin\u00f3. Corrige __dm_internal_resume para que llame a los m\u00e9todos preresume y resume de los objetivos de la tabla. Si falla un m\u00e9todo de reanudaci\u00f3n previa de alg\u00fan objetivo, estamos en una situaci\u00f3n complicada. No podemos devolver un error porque se supone que dm_internal_resume no devuelve errores. No podemos devolver el \u00e9xito, porque entonces los m\u00e9todos \\\"reanudar\\\" y \\\"postsuspender\\\" no se emparejar\u00edan correctamente. Entonces, configuramos el indicador DMF_SUSPENDED y simulamos una suspensi\u00f3n normal; puede confundir las herramientas del espacio de usuario, pero no causar\u00e1 una falla del kernel. ------------[ cortar aqu\u00ed ]------------ \u00a1ERROR del kernel en lib/list_debug.c:56! c\u00f3digo de operaci\u00f3n no v\u00e1lido: 0000 [#1] PREEMPT SMP CPU: 1 PID: 8343 Comm: dmsetup Not tainted 6.8.0-rc6 #4 Nombre de hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/ 01/2014 RIP: 0010:__list_del_entry_valid_or_report+0x77/0xc0  RSP: 0018:ffff8881b831bcc0 EFLAGS: 00010282 RAX: 000000000000004e RBX: ffff888143b6eb80 0000000000000000 RDX: 0000000000000001 RSI: ffffffff819053d0 RDI: 00000000ffffffff RBP: ffff8881b83a3400 R08: 00000000fffeffff R09: 8 R10: 0000000000000000 R11: ffffffff81a24080 R12: 0000000000000001 R13: ffff88814538e000 R14: ffff888143bc6dc0 R15: fffffffa02e4bb0 FS: 7c0f780(0000) GS:ffff8893f0a40000(0000) knlGS:0000000000000000 CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 CR2: 0000000057fb5000 CR3: 0000000143474000 CR4: 00000000000006b0 Seguimiento de llamadas:  ? morir+0x2d/0x80? do_trap+0xeb/0xf0? __list_del_entry_valid_or_report+0x77/0xc0 ? do_error_trap+0x60/0x80? __list_del_entry_valid_or_report+0x77/0xc0 ? exc_invalid_op+0x49/0x60? __list_del_entry_valid_or_report+0x77/0xc0 ? asm_exc_invalid_op+0x16/0x20? table_deps+0x1b0/0x1b0 [dm_mod] ? __list_del_entry_valid_or_report+0x77/0xc0 origin_postsuspend+0x1a/0x50 [dm_snapshot] dm_table_postsuspend_targets+0x34/0x50 [dm_mod] dm_suspend+0xd8/0xf0 [dm_mod] dev_suspend+0x1f2/0x2f0 modo] ? table_deps+0x1b0/0x1b0 [dm_mod] ctl_ioctl+0x300/0x5f0 [dm_mod] dm_compat_ctl_ioctl+0x7/0x10 [dm_mod] __x64_compat_sys_ioctl+0x104/0x170 do_syscall_64+0x184/0x1b0 entrada _SYSCALL_64_after_hwframe+0x46/0x4e RIP: 0033:0xf7e6aead  --- [fin de seguimiento 0000000000000000]---\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":3.4}]},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/03ad5ad53e51abf3a4c7538c1bc67a5982b41dc5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/15a3fc5c8774c17589dabfe1d642d40685c985af\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/360a7d1be8112654f1fb328ed3862be630bca3f4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/65e8fbde64520001abf1c8d0e573561b4746ef38\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/69836d9329f0b4c58faaf3d886a7748ddb5bf718\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/ad10289f68f45649816cc68eb93f45fd5ec48a15\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/da7ece2197101b1469853e6b5e915be1e3896d52\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/ef02d8edf738557af2865c5bfb66a03c4e071be7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f89bd27709376d37ff883067193320c58a8c1d5a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/03ad5ad53e51abf3a4c7538c1bc67a5982b41dc5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/15a3fc5c8774c17589dabfe1d642d40685c985af\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/360a7d1be8112654f1fb328ed3862be630bca3f4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/65e8fbde64520001abf1c8d0e573561b4746ef38\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/69836d9329f0b4c58faaf3d886a7748ddb5bf718\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/ad10289f68f45649816cc68eb93f45fd5ec48a15\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/da7ece2197101b1469853e6b5e915be1e3896d52\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/ef02d8edf738557af2865c5bfb66a03c4e071be7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/f89bd27709376d37ff883067193320c58a8c1d5a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.