CVE-2024-44953: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix deadlock during RTC update There is a deadlock when runtime suspend waits for the flush of RTC work, and the RTC work calls ufshcd_rpm_get_sync() to wait for runtime resume. Here is deadlock backtrace: kworker/0:1 D 4892.876354 10 10971 4859 0x4208060 0x8 10 0 120 670730152367 ptr f0ffff80c2e40000 0 1 0x00000001 0x000000ff 0x000000ff 0x000000ff <ffffffee5e71ddb0> __switch_to+0x1a8/0x2d4 <ffffffee5e71e604> __schedule+0x684/0xa98 <ffffffee5e71ea60> schedule+0x48/0xc8 <ffffffee5e725f78> schedule_timeout+0x48/0x170 <ffffffee5e71fb74> do_wait_for_common+0x108/0x1b0 <ffffffee5e71efe0> wait_for_completion+0x44/0x60 <ffffffee5d6de968> __flush_work+0x39c/0x424 <ffffffee5d6decc0> __cancel_work_sync+0xd8/0x208 <ffffffee5d6dee2c> cancel_delayed_work_sync+0x14/0x28 <ffffffee5e2551b8> __ufshcd_wl_suspend+0x19c/0x480 <ffffffee5e255fb8> ufshcd_wl_runtime_suspend+0x3c/0x1d4 <ffffffee5dffd80c> scsi_runtime_suspend+0x78/0xc8 <ffffffee5df93580> __rpm_callback+0x94/0x3e0 <ffffffee5df90b0c> rpm_suspend+0x2d4/0x65c <ffffffee5df91448> __pm_runtime_suspend+0x80/0x114 <ffffffee5dffd95c> scsi_runtime_idle+0x38/0x6c <ffffffee5df912f4> rpm_idle+0x264/0x338 <ffffffee5df90f14> __pm_runtime_idle+0x80/0x110 <ffffffee5e24ce44> ufshcd_rtc_work+0x128/0x1e4 <ffffffee5d6e3a40> process_one_work+0x26c/0x650 <ffffffee5d6e65c8> worker_thread+0x260/0x3d8 <ffffffee5d6edec8> kthread+0x110/0x134 <ffffffee5d616b18> ret_from_fork+0x10/0x20 Skip updating RTC if RPM state is not RPM_ACTIVE.
AI Analysis
Technical Summary
CVE-2024-44953 is a vulnerability identified in the Linux kernel specifically related to the SCSI UFS (Universal Flash Storage) core subsystem. The issue arises from a deadlock condition during the Real-Time Clock (RTC) update process. The deadlock occurs because the runtime suspend operation waits for the RTC work to flush, while the RTC work itself calls ufshcd_rpm_get_sync() to wait for a runtime resume. This circular wait leads to a deadlock, effectively halting progress in the kernel worker thread responsible for this task. The backtrace provided in the vulnerability description shows the kernel worker thread stuck in a scheduling loop waiting for completion of work that cannot proceed due to the deadlock. The root cause is a dependency cycle between runtime suspend and RTC work synchronization calls within the UFS host controller driver (ufshcd). The fix implemented skips the RTC update if the runtime power management (RPM) state is not RPM_ACTIVE, thereby breaking the deadlock cycle. This vulnerability affects Linux kernel versions identified by specific commit hashes, indicating it is present in certain recent kernel builds prior to the patch. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet. The vulnerability is technical and low-level, impacting kernel power management and device driver synchronization mechanisms.
Potential Impact
For European organizations, the impact of CVE-2024-44953 primarily concerns systems running Linux kernels with affected UFS subsystems, which are common in embedded devices, mobile devices, and some server/storage environments. The deadlock can cause system hangs or unresponsiveness during runtime suspend operations, potentially leading to denial of service conditions. This can affect availability of critical systems relying on Linux for storage management, particularly those using UFS storage devices. In sectors such as telecommunications, industrial control, and cloud infrastructure where Linux is prevalent, this could disrupt operations or require system reboots, impacting service continuity. While confidentiality and integrity are not directly compromised, the availability impact can be significant in environments requiring high uptime. European organizations using Linux-based embedded systems or servers with UFS storage should be aware of this risk, especially in industries with stringent uptime requirements such as finance, healthcare, and manufacturing.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should prioritize updating their Linux kernels to versions that include the patch for CVE-2024-44953. Since the fix involves skipping RTC updates when the RPM state is not active, applying the official kernel patch or upgrading to a fixed kernel version is the most effective measure. For environments where immediate patching is not feasible, organizations should monitor system logs for symptoms of deadlocks related to runtime suspend and RTC work, and consider temporarily disabling runtime power management for UFS devices as a workaround, understanding this may increase power consumption. Additionally, thorough testing of kernel updates in staging environments is recommended to ensure stability. Organizations should also maintain robust incident response plans to quickly recover from potential system hangs caused by this issue. Close collaboration with Linux distribution vendors and embedded system providers is advised to receive timely updates and guidance.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain
CVE-2024-44953: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix deadlock during RTC update There is a deadlock when runtime suspend waits for the flush of RTC work, and the RTC work calls ufshcd_rpm_get_sync() to wait for runtime resume. Here is deadlock backtrace: kworker/0:1 D 4892.876354 10 10971 4859 0x4208060 0x8 10 0 120 670730152367 ptr f0ffff80c2e40000 0 1 0x00000001 0x000000ff 0x000000ff 0x000000ff <ffffffee5e71ddb0> __switch_to+0x1a8/0x2d4 <ffffffee5e71e604> __schedule+0x684/0xa98 <ffffffee5e71ea60> schedule+0x48/0xc8 <ffffffee5e725f78> schedule_timeout+0x48/0x170 <ffffffee5e71fb74> do_wait_for_common+0x108/0x1b0 <ffffffee5e71efe0> wait_for_completion+0x44/0x60 <ffffffee5d6de968> __flush_work+0x39c/0x424 <ffffffee5d6decc0> __cancel_work_sync+0xd8/0x208 <ffffffee5d6dee2c> cancel_delayed_work_sync+0x14/0x28 <ffffffee5e2551b8> __ufshcd_wl_suspend+0x19c/0x480 <ffffffee5e255fb8> ufshcd_wl_runtime_suspend+0x3c/0x1d4 <ffffffee5dffd80c> scsi_runtime_suspend+0x78/0xc8 <ffffffee5df93580> __rpm_callback+0x94/0x3e0 <ffffffee5df90b0c> rpm_suspend+0x2d4/0x65c <ffffffee5df91448> __pm_runtime_suspend+0x80/0x114 <ffffffee5dffd95c> scsi_runtime_idle+0x38/0x6c <ffffffee5df912f4> rpm_idle+0x264/0x338 <ffffffee5df90f14> __pm_runtime_idle+0x80/0x110 <ffffffee5e24ce44> ufshcd_rtc_work+0x128/0x1e4 <ffffffee5d6e3a40> process_one_work+0x26c/0x650 <ffffffee5d6e65c8> worker_thread+0x260/0x3d8 <ffffffee5d6edec8> kthread+0x110/0x134 <ffffffee5d616b18> ret_from_fork+0x10/0x20 Skip updating RTC if RPM state is not RPM_ACTIVE.
AI-Powered Analysis
Technical Analysis
CVE-2024-44953 is a vulnerability identified in the Linux kernel specifically related to the SCSI UFS (Universal Flash Storage) core subsystem. The issue arises from a deadlock condition during the Real-Time Clock (RTC) update process. The deadlock occurs because the runtime suspend operation waits for the RTC work to flush, while the RTC work itself calls ufshcd_rpm_get_sync() to wait for a runtime resume. This circular wait leads to a deadlock, effectively halting progress in the kernel worker thread responsible for this task. The backtrace provided in the vulnerability description shows the kernel worker thread stuck in a scheduling loop waiting for completion of work that cannot proceed due to the deadlock. The root cause is a dependency cycle between runtime suspend and RTC work synchronization calls within the UFS host controller driver (ufshcd). The fix implemented skips the RTC update if the runtime power management (RPM) state is not RPM_ACTIVE, thereby breaking the deadlock cycle. This vulnerability affects Linux kernel versions identified by specific commit hashes, indicating it is present in certain recent kernel builds prior to the patch. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet. The vulnerability is technical and low-level, impacting kernel power management and device driver synchronization mechanisms.
Potential Impact
For European organizations, the impact of CVE-2024-44953 primarily concerns systems running Linux kernels with affected UFS subsystems, which are common in embedded devices, mobile devices, and some server/storage environments. The deadlock can cause system hangs or unresponsiveness during runtime suspend operations, potentially leading to denial of service conditions. This can affect availability of critical systems relying on Linux for storage management, particularly those using UFS storage devices. In sectors such as telecommunications, industrial control, and cloud infrastructure where Linux is prevalent, this could disrupt operations or require system reboots, impacting service continuity. While confidentiality and integrity are not directly compromised, the availability impact can be significant in environments requiring high uptime. European organizations using Linux-based embedded systems or servers with UFS storage should be aware of this risk, especially in industries with stringent uptime requirements such as finance, healthcare, and manufacturing.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should prioritize updating their Linux kernels to versions that include the patch for CVE-2024-44953. Since the fix involves skipping RTC updates when the RPM state is not active, applying the official kernel patch or upgrading to a fixed kernel version is the most effective measure. For environments where immediate patching is not feasible, organizations should monitor system logs for symptoms of deadlocks related to runtime suspend and RTC work, and consider temporarily disabling runtime power management for UFS devices as a workaround, understanding this may increase power consumption. Additionally, thorough testing of kernel updates in staging environments is recommended to ensure stability. Organizations should also maintain robust incident response plans to quickly recover from potential system hangs caused by this issue. Close collaboration with Linux distribution vendors and embedded system providers is advised to receive timely updates and guidance.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-08-21T05:34:56.666Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9826c4522896dcbe0d24
Added to database: 5/21/2025, 9:08:54 AM
Last enriched: 6/28/2025, 11:09:37 PM
Last updated: 8/17/2025, 6:35:40 AM
Views: 16
Related Threats
CVE-2025-53948: CWE-415 Double Free in Santesoft Sante PACS Server
HighCVE-2025-52584: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-46269: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-54862: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server
MediumCVE-2025-54759: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.