CVE-2024-35991: Vulnerability in the Linux kernel
In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue

drain_workqueue() cannot be called safely in a spinlocked context due to possible task rescheduling. In the multi-task scenario, calling queue_work() while drain_workqueue() will lead to a Call Trace as pushing a work on a draining workqueue is not permitted in spinlocked context.

Call Trace:
 <TASK>
 ? __warn+0x7d/0x140
 ? __queue_work+0x2b2/0x440
 ? report_bug+0x1f8/0x200
 ? handle_bug+0x3c/0x70
 ? exc_invalid_op+0x18/0x70
 ? asm_exc_invalid_op+0x1a/0x20
 ? __queue_work+0x2b2/0x440
 queue_work_on+0x28/0x30
 idxd_misc_thread+0x303/0x5a0 [idxd]
 ? __schedule+0x369/0xb40
 ? __pfx_irq_thread_fn+0x10/0x10
 ? irq_thread+0xbc/0x1b0
 irq_thread_fn+0x21/0x70
 irq_thread+0x102/0x1b0
 ? preempt_count_add+0x74/0xa0
 ? __pfx_irq_thread_dtor+0x10/0x10
 ? __pfx_irq_thread+0x10/0x10
 kthread+0x103/0x140
 ? __pfx_kthread+0x10/0x10
 ret_from_fork+0x31/0x50
 ? __pfx_kthread+0x10/0x10
 ret_from_fork_asm+0x1b/0x30
 </TASK>

The current implementation uses a spinlock to protect event log workqueue and will lead to the Call Trace due to potential task rescheduling.

To address the locking issue, convert the spinlock to mutex, allowing the drain_workqueue() to be called in a safe mutex-locked context.

This change ensures proper synchronization when accessing the event log workqueue, preventing potential Call Trace and improving the overall robustness of the code.
AI Analysis
Technical Summary
CVE-2024-35991 is a locking bug in the Linux kernel's dmaengine idxd driver, in the code that protects the event log (evl) workqueue. The driver guarded that workqueue with a spinlock, but drain_workqueue() cannot be called safely in a spinlocked context because the task may be rescheduled. When multiple tasks are involved and queue_work() is called while drain_workqueue() is in progress, the kernel emits the Call Trace shown above, because pushing work onto a draining workqueue is not permitted in a spinlocked context. This results in kernel instability and potential crashes.

The root cause is that code holding a spinlock must not be rescheduled, while draining the workqueue can require exactly that. The fix converts the spinlock to a mutex, which can be held across rescheduling, so drain_workqueue() can be called safely in a mutex-locked context. This prevents the Call Trace and improves kernel robustness.

The vulnerability affects specific Linux kernel versions identified by commit hashes, and no known exploits are reported in the wild as of the publication date. The issue is mainly relevant to kernel developers and to system administrators managing Linux systems with the dmaengine idxd driver enabled.
Potential Impact
For European organizations, the impact of this vulnerability primarily concerns systems running affected Linux kernel versions with the dmaengine idxd driver active. This includes servers and infrastructure handling high-performance data movement tasks, such as data centers, cloud providers, and enterprises using Linux for critical workloads. The vulnerability can cause kernel crashes and instability, leading to denial of service (DoS) conditions. While it does not directly lead to privilege escalation or data leakage, the resulting system instability can disrupt business operations, cause downtime, and potentially impact service availability. Organizations relying on Linux-based infrastructure for critical applications may experience operational interruptions. Additionally, kernel crashes can complicate forensic analysis and incident response. Given the absence of known exploits, the immediate risk is moderate, but unpatched systems remain vulnerable to accidental or targeted triggering of the bug, especially in multi-tasking environments. The vulnerability's impact on confidentiality and integrity is low, but availability impact is medium to high depending on system criticality.
Mitigation Recommendations
European organizations should prioritize updating their Linux kernels to versions that include the fix converting the spinlock to a mutex in the dmaengine idxd driver. Kernel updates should be tested in staging environments to ensure compatibility. For systems where immediate patching is not feasible, administrators should monitor kernel logs for Call Trace patterns related to queue_work() and drain_workqueue() in the idxd driver context, which may indicate attempts to trigger the issue. Limiting workloads that heavily utilize the dmaengine idxd driver or isolating affected systems can reduce exposure. Organizations should also review their kernel configuration to disable the idxd driver if it is not required, minimizing the attack surface. Implementing robust system monitoring and alerting for kernel errors will help detect potential exploitation attempts or accidental triggers. Coordination with Linux distribution vendors for timely patch deployment is essential. Finally, maintaining comprehensive backups and disaster recovery plans will mitigate operational impact in case of system crashes.
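As an added example (not part of the original advisory or of any vendor tooling), the log-monitoring step above can be implemented as a small Python scanner that groups kernel log lines into <TASK> blocks and flags those containing both a workqueue-enqueue frame and a frame from the [idxd] module. The sample log is constructed from frames in the trace quoted above; the timestamps and the example_mod module are made up.

```python
import re

# Frame shapes taken from the call trace quoted in the advisory text.
WQ_FRAME = re.compile(r"\b(?:__queue_work|queue_work_on)\+0x[0-9a-f]+/0x[0-9a-f]+")
IDXD_FRAME = re.compile(r"\b(\w+)\+0x[0-9a-f]+/0x[0-9a-f]+ \[idxd\]")
TIMESTAMP = re.compile(r"^\[\s*\d+\.\d+\]\s*")  # dmesg-style "[  101.000002] "

def find_idxd_workqueue_traces(log_text):
    """Return one finding per <TASK>...</TASK> block that holds both a
    workqueue-enqueue frame and a frame from the idxd module."""
    findings, frames, start = [], None, 0
    for lineno, raw in enumerate(log_text.splitlines(), 1):
        line = TIMESTAMP.sub("", raw).strip()
        if line == "<TASK>":
            frames, start = [], lineno          # open a new trace block
        elif line == "</TASK>" and frames is not None:
            idxd = [m.group(1) for f in frames if (m := IDXD_FRAME.search(f))]
            if idxd and any(WQ_FRAME.search(f) for f in frames):
                findings.append({"line": start, "idxd_frames": idxd})
            frames = None                       # close the block
        elif frames is not None:
            frames.append(line)
    return findings

# Constructed sample: the first trace is unrelated (hypothetical module name),
# the second reuses frames from the advisory's trace. Timestamps are made up.
SAMPLE_LOG = """\
[  101.000001] Call Trace:
[  101.000002]  <TASK>
[  101.000003]  ? __queue_work+0x2b2/0x440
[  101.000004]  queue_work_on+0x28/0x30
[  101.000005]  example_irq_thread+0x10/0x40 [example_mod]
[  101.000006]  </TASK>
[  207.500001] Call Trace:
[  207.500002]  <TASK>
[  207.500003]  ? __warn+0x7d/0x140
[  207.500004]  ? __queue_work+0x2b2/0x440
[  207.500005]  queue_work_on+0x28/0x30
[  207.500006]  idxd_misc_thread+0x303/0x5a0 [idxd]
[  207.500007]  irq_thread_fn+0x21/0x70
[  207.500008]  </TASK>
"""

if __name__ == "__main__":
    for hit in find_idxd_workqueue_traces(SAMPLE_LOG):
        print(f"line {hit['line']}: idxd frames {hit['idxd_frames']}")
```

Requiring both frame types inside one trace block keeps unrelated workqueue warnings from other drivers out of the alert stream.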
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-05-17T13:50:33.146Z
- CISA Enriched: true
- CVSS Version: null
- State: PUBLISHED
Threat ID: 682d9828c4522896dcbe23c9
Added to database: 5/21/2025, 9:08:56 AM
Last enriched: 6/29/2025, 9:10:00 AM
Last updated: 8/9/2025, 10:42:33 PM