CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING
Description
In the Linux kernel, the following vulnerability has been resolved:
netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING
In fscache_create_volume(), there is a missing memory barrier between the
bit-clearing operation and the wake-up operation. This may cause a
situation where, after a wake-up, the bit-clearing operation hasn't been
detected yet, leading to an indefinite wait. The triggering process is as
follows:
[cookie1] [cookie2] [volume_work]
fscache_perform_lookup
fscache_create_volume
fscache_perform_lookup
fscache_create_volume
fscache_create_volume_work
cachefiles_acquire_volume
clear_and_wake_up_bit
test_and_set_bit
test_and_set_bit
goto maybe_wait
goto no_wait
In the above process, cookie1 and cookie2 has the same volume. When cookie1
enters the -no_wait- process, it will clear the bit and wake up the waiting
process. If a barrier is missing, it may cause cookie2 to remain in the
-wait- process indefinitely.
In commit 3288666c7256 ("fscache: Use clear_and_wake_up_bit() in
fscache_create_volume_work()"), barriers were added to similar operations
in fscache_create_volume_work(), but fscache_create_volume() was missed.
By combining the clear and wake operations into clear_...
Classification
CVE ID: CVE-2024-56755
Affected Products
Vendor: Linux
Product: Linux
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 5.08% (scored less or equal to compared to others)
EPSS Date: 2025-02-04 (when was this score calculated)
References
https://git.kernel.org/stable/c/ddab02607eed9e415dc62fde421d4329e5345315https://git.kernel.org/stable/c/539fabba965e119b98066fc6ba5257b5eaf4eda2
https://git.kernel.org/stable/c/8beb682cc9a0798a280bbb95e3e41617237090b2
https://git.kernel.org/stable/c/8cc1df3113cb71a0df2c46dd5b102c9e11c8a8c6
https://git.kernel.org/stable/c/22f9400a6f3560629478e0a64247b8fcc811a24d