CVE-2024-42294: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between sd_remove & sd_release Our test report the following hung task: [ 2538.459400] INFO: task "kworker/0:0":7 blocked for more than 188 seconds. [ 2538.459427] Call trace: [ 2538.459430] __switch_to+0x174/0x338 [ 2538.459436] __schedule+0x628/0x9c4 [ 2538.459442] schedule+0x7c/0xe8 [ 2538.459447] schedule_preempt_disabled+0x24/0x40 [ 2538.459453] __mutex_lock+0x3ec/0xf04 [ 2538.459456] __mutex_lock_slowpath+0x14/0x24 [ 2538.459459] mutex_lock+0x30/0xd8 [ 2538.459462] del_gendisk+0xdc/0x350 [ 2538.459466] sd_remove+0x30/0x60 [ 2538.459470] device_release_driver_internal+0x1c4/0x2c4 [ 2538.459474] device_release_driver+0x18/0x28 [ 2538.459478] bus_remove_device+0x15c/0x174 [ 2538.459483] device_del+0x1d0/0x358 [ 2538.459488] __scsi_remove_device+0xa8/0x198 [ 2538.459493] scsi_forget_host+0x50/0x70 [ 2538.459497] scsi_remove_host+0x80/0x180 [ 2538.459502] usb_stor_disconnect+0x68/0xf4 [ 2538.459506] usb_unbind_interface+0xd4/0x280 [ 2538.459510] device_release_driver_internal+0x1c4/0x2c4 [ 2538.459514] device_release_driver+0x18/0x28 [ 2538.459518] bus_remove_device+0x15c/0x174 [ 2538.459523] device_del+0x1d0/0x358 [ 2538.459528] usb_disable_device+0x84/0x194 [ 2538.459532] usb_disconnect+0xec/0x300 [ 2538.459537] hub_event+0xb80/0x1870 [ 2538.459541] process_scheduled_works+0x248/0x4dc [ 2538.459545] worker_thread+0x244/0x334 [ 2538.459549] kthread+0x114/0x1bc [ 2538.461001] INFO: task "fsck.":15415 blocked for more than 188 seconds. [ 2538.461014] Call trace: [ 2538.461016] __switch_to+0x174/0x338 [ 2538.461021] __schedule+0x628/0x9c4 [ 2538.461025] schedule+0x7c/0xe8 [ 2538.461030] blk_queue_enter+0xc4/0x160 [ 2538.461034] blk_mq_alloc_request+0x120/0x1d4 [ 2538.461037] scsi_execute_cmd+0x7c/0x23c [ 2538.461040] ioctl_internal_command+0x5c/0x164 [ 2538.461046] scsi_set_medium_removal+0x5c/0xb0 [ 2538.461051] sd_release+0x50/0x94 [ 2538.461054] blkdev_put+0x190/0x28c [ 2538.461058] blkdev_release+0x28/0x40 [ 2538.461063] __fput+0xf8/0x2a8 [ 2538.461066] __fput_sync+0x28/0x5c [ 2538.461070] __arm64_sys_close+0x84/0xe8 [ 2538.461073] invoke_syscall+0x58/0x114 [ 2538.461078] el0_svc_common+0xac/0xe0 [ 2538.461082] do_el0_svc+0x1c/0x28 [ 2538.461087] el0_svc+0x38/0x68 [ 2538.461090] el0t_64_sync_handler+0x68/0xbc [ 2538.461093] el0t_64_sync+0x1a8/0x1ac T1: T2: sd_remove del_gendisk __blk_mark_disk_dead blk_freeze_queue_start ++q->mq_freeze_depth bdev_release mutex_lock(&disk->open_mutex) sd_release scsi_execute_cmd blk_queue_enter wait_event(!q->mq_freeze_depth) mutex_lock(&disk->open_mutex) SCSI does not set GD_OWNS_QUEUE, so QUEUE_FLAG_DYING is not set in this scenario. This is a classic ABBA deadlock. To fix the deadlock, make sure we don't try to acquire disk->open_mutex after freezing the queue.
AI Analysis
Technical Summary
CVE-2024-42294 is a vulnerability identified in the Linux kernel related to a deadlock condition occurring between the functions sd_remove and sd_release within the block device subsystem. The issue manifests as a classic ABBA deadlock involving the acquisition of the disk's open_mutex lock after freezing the block queue. Specifically, the deadlock arises because the SCSI subsystem does not set the GD_OWNS_QUEUE flag, which means the QUEUE_FLAG_DYING is not set in this scenario. Consequently, when the system attempts to remove or release SCSI devices, the kernel threads become blocked waiting on mutexes that are held by each other, causing hung tasks and system stalls. The provided kernel log traces show tasks such as "kworker/0:0" and "fsck." being blocked for extended periods (over 188 seconds), indicating significant system unresponsiveness. The deadlock occurs during device removal and release operations, particularly involving SCSI devices and USB storage disconnects, which can freeze the system or delay critical I/O operations. The root cause is the improper ordering of lock acquisition and queue freezing, which the patch aims to fix by ensuring the disk's open_mutex is not acquired after the queue is frozen. This vulnerability affects Linux kernel versions identified by the commit hash eec1be4c30df73238b936fa9f3653773a6f8b15c and likely other related versions before the patch. No known exploits in the wild have been reported yet, and no CVSS score has been assigned at the time of publication.
Potential Impact
For European organizations, this vulnerability can lead to system instability and denial of service conditions on Linux servers and devices that manage SCSI or USB storage devices. The deadlock can cause critical system processes to hang, potentially leading to downtime of services relying on affected Linux systems. This is particularly impactful for data centers, cloud providers, and enterprises using Linux-based infrastructure for storage management, virtual machines, or container orchestration. The inability to properly remove or release storage devices can disrupt maintenance operations and automated workflows, increasing operational risks. In environments with high storage I/O demands, such as financial institutions, research centers, or telecommunications providers, this could degrade performance or cause outages. Although no direct data breach or privilege escalation is indicated, the availability impact alone can have significant business consequences, including loss of productivity and potential SLA violations. The impact is heightened in environments where Linux kernels are customized or updated infrequently, as unpatched systems remain vulnerable to these deadlocks.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should prioritize applying the official Linux kernel patches that address the deadlock between sd_remove and sd_release. Kernel updates should be tested and deployed promptly, especially on systems handling critical storage operations. Organizations should audit their Linux kernel versions to identify affected systems using the specified commit hashes or kernel versions known to contain this issue. For environments where immediate patching is not feasible, temporary mitigation could include minimizing device removal operations or USB storage disconnects during peak operational hours to reduce the risk of triggering the deadlock. Monitoring kernel logs for hung tasks or blocked processes related to block device operations can help detect early signs of the issue. Additionally, organizations should review their storage device management procedures and consider implementing redundancy or failover mechanisms to maintain availability during maintenance windows. Coordination with hardware vendors and Linux distribution maintainers is recommended to ensure timely updates and support.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain, Poland
CVE-2024-42294: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between sd_remove & sd_release Our test report the following hung task: [ 2538.459400] INFO: task "kworker/0:0":7 blocked for more than 188 seconds. [ 2538.459427] Call trace: [ 2538.459430] __switch_to+0x174/0x338 [ 2538.459436] __schedule+0x628/0x9c4 [ 2538.459442] schedule+0x7c/0xe8 [ 2538.459447] schedule_preempt_disabled+0x24/0x40 [ 2538.459453] __mutex_lock+0x3ec/0xf04 [ 2538.459456] __mutex_lock_slowpath+0x14/0x24 [ 2538.459459] mutex_lock+0x30/0xd8 [ 2538.459462] del_gendisk+0xdc/0x350 [ 2538.459466] sd_remove+0x30/0x60 [ 2538.459470] device_release_driver_internal+0x1c4/0x2c4 [ 2538.459474] device_release_driver+0x18/0x28 [ 2538.459478] bus_remove_device+0x15c/0x174 [ 2538.459483] device_del+0x1d0/0x358 [ 2538.459488] __scsi_remove_device+0xa8/0x198 [ 2538.459493] scsi_forget_host+0x50/0x70 [ 2538.459497] scsi_remove_host+0x80/0x180 [ 2538.459502] usb_stor_disconnect+0x68/0xf4 [ 2538.459506] usb_unbind_interface+0xd4/0x280 [ 2538.459510] device_release_driver_internal+0x1c4/0x2c4 [ 2538.459514] device_release_driver+0x18/0x28 [ 2538.459518] bus_remove_device+0x15c/0x174 [ 2538.459523] device_del+0x1d0/0x358 [ 2538.459528] usb_disable_device+0x84/0x194 [ 2538.459532] usb_disconnect+0xec/0x300 [ 2538.459537] hub_event+0xb80/0x1870 [ 2538.459541] process_scheduled_works+0x248/0x4dc [ 2538.459545] worker_thread+0x244/0x334 [ 2538.459549] kthread+0x114/0x1bc [ 2538.461001] INFO: task "fsck.":15415 blocked for more than 188 seconds. [ 2538.461014] Call trace: [ 2538.461016] __switch_to+0x174/0x338 [ 2538.461021] __schedule+0x628/0x9c4 [ 2538.461025] schedule+0x7c/0xe8 [ 2538.461030] blk_queue_enter+0xc4/0x160 [ 2538.461034] blk_mq_alloc_request+0x120/0x1d4 [ 2538.461037] scsi_execute_cmd+0x7c/0x23c [ 2538.461040] ioctl_internal_command+0x5c/0x164 [ 2538.461046] scsi_set_medium_removal+0x5c/0xb0 [ 2538.461051] sd_release+0x50/0x94 [ 2538.461054] blkdev_put+0x190/0x28c [ 2538.461058] blkdev_release+0x28/0x40 [ 2538.461063] __fput+0xf8/0x2a8 [ 2538.461066] __fput_sync+0x28/0x5c [ 2538.461070] __arm64_sys_close+0x84/0xe8 [ 2538.461073] invoke_syscall+0x58/0x114 [ 2538.461078] el0_svc_common+0xac/0xe0 [ 2538.461082] do_el0_svc+0x1c/0x28 [ 2538.461087] el0_svc+0x38/0x68 [ 2538.461090] el0t_64_sync_handler+0x68/0xbc [ 2538.461093] el0t_64_sync+0x1a8/0x1ac T1: T2: sd_remove del_gendisk __blk_mark_disk_dead blk_freeze_queue_start ++q->mq_freeze_depth bdev_release mutex_lock(&disk->open_mutex) sd_release scsi_execute_cmd blk_queue_enter wait_event(!q->mq_freeze_depth) mutex_lock(&disk->open_mutex) SCSI does not set GD_OWNS_QUEUE, so QUEUE_FLAG_DYING is not set in this scenario. This is a classic ABBA deadlock. To fix the deadlock, make sure we don't try to acquire disk->open_mutex after freezing the queue.
AI-Powered Analysis
Technical Analysis
CVE-2024-42294 is a vulnerability identified in the Linux kernel related to a deadlock condition occurring between the functions sd_remove and sd_release within the block device subsystem. The issue manifests as a classic ABBA deadlock involving the acquisition of the disk's open_mutex lock after freezing the block queue. Specifically, the deadlock arises because the SCSI subsystem does not set the GD_OWNS_QUEUE flag, which means the QUEUE_FLAG_DYING is not set in this scenario. Consequently, when the system attempts to remove or release SCSI devices, the kernel threads become blocked waiting on mutexes that are held by each other, causing hung tasks and system stalls. The provided kernel log traces show tasks such as "kworker/0:0" and "fsck." being blocked for extended periods (over 188 seconds), indicating significant system unresponsiveness. The deadlock occurs during device removal and release operations, particularly involving SCSI devices and USB storage disconnects, which can freeze the system or delay critical I/O operations. The root cause is the improper ordering of lock acquisition and queue freezing, which the patch aims to fix by ensuring the disk's open_mutex is not acquired after the queue is frozen. This vulnerability affects Linux kernel versions identified by the commit hash eec1be4c30df73238b936fa9f3653773a6f8b15c and likely other related versions before the patch. No known exploits in the wild have been reported yet, and no CVSS score has been assigned at the time of publication.
Potential Impact
For European organizations, this vulnerability can lead to system instability and denial of service conditions on Linux servers and devices that manage SCSI or USB storage devices. The deadlock can cause critical system processes to hang, potentially leading to downtime of services relying on affected Linux systems. This is particularly impactful for data centers, cloud providers, and enterprises using Linux-based infrastructure for storage management, virtual machines, or container orchestration. The inability to properly remove or release storage devices can disrupt maintenance operations and automated workflows, increasing operational risks. In environments with high storage I/O demands, such as financial institutions, research centers, or telecommunications providers, this could degrade performance or cause outages. Although no direct data breach or privilege escalation is indicated, the availability impact alone can have significant business consequences, including loss of productivity and potential SLA violations. The impact is heightened in environments where Linux kernels are customized or updated infrequently, as unpatched systems remain vulnerable to these deadlocks.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should prioritize applying the official Linux kernel patches that address the deadlock between sd_remove and sd_release. Kernel updates should be tested and deployed promptly, especially on systems handling critical storage operations. Organizations should audit their Linux kernel versions to identify affected systems using the specified commit hashes or kernel versions known to contain this issue. For environments where immediate patching is not feasible, temporary mitigation could include minimizing device removal operations or USB storage disconnects during peak operational hours to reduce the risk of triggering the deadlock. Monitoring kernel logs for hung tasks or blocked processes related to block device operations can help detect early signs of the issue. Additionally, organizations should review their storage device management procedures and consider implementing redundancy or failover mechanisms to maintain availability during maintenance windows. Coordination with hardware vendors and Linux distribution maintainers is recommended to ensure timely updates and support.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-07-30T07:40:12.269Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9828c4522896dcbe1e62
Added to database: 5/21/2025, 9:08:56 AM
Last enriched: 6/29/2025, 6:55:48 AM
Last updated: 7/31/2025, 8:45:17 AM
Views: 9
Related Threats
Researcher to release exploit for full auth bypass on FortiWeb
HighCVE-2025-9091: Hard-coded Credentials in Tenda AC20
LowCVE-2025-9090: Command Injection in Tenda AC20
MediumCVE-2025-9092: CWE-400 Uncontrolled Resource Consumption in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0
LowCVE-2025-9089: Stack-based Buffer Overflow in Tenda AC20
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.