In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
Inthe Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
Inthe Linux kernel, the following vulnerability hasbeen resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
Inthe Linux kernel,the following vulnerabilityhas been resolved:io_uring/io-wq:Use set_bit()and test_bit() at worker->flagsUtilize set_bit()and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flagsmay be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 oncpu28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 oncpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Mergetag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writesand reads tothe same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code touse atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and"and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes inthe structure.The Linux kernelCVE teamhas assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
IntheLinux kernel, thefollowing vulnerability hasbeen resolved:io_uring/io-wq: Useset_bit() andtest_bit() at worker->flagsUtilize set_bit() andtest_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags maybe accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu28:io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes andreads to thesame memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to useatomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and"or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in thestructure.The Linux kernel CVEteam hasassigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
In theLinux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
Inthe Linux kernel, thefollowing vulnerability has been resolved:io_uring/io-wq: Useset_bit() and test_bit() at worker->flagsUtilizeset_bit() and test_bit() on worker->flags within io_uring/io-wqto addresspotential dataraces.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata racesoccurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN:data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running ondifferent CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulationof worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
IntheLinuxkernel, the followingvulnerability has been resolved:io_uring/io-wq: Use set_bit()and test_bit() at worker->flagsUtilize set_bit()and test_bit() on worker->flags within io_uring/io-wqto address potentialdata races.Thestructure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurringin io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-racein io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5:io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on differentCPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of workerflags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic "and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In theLinux kernel,the followingvulnerability has been resolved:io_uring/io-wq:Useset_bit() andtest_bit() at worker->flagsUtilize set_bit() and test_bit()on worker->flags within io_uring/io-wqto address potential dataraces.The structure io_worker->flags may be accessed through various datapaths,leadingto concurrency issues.When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_workerfunctions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ("Merge tag 'for-linus' ofgit://git.kernel.org/pub/scm/virt/kvm/kvm").These races involve writes and reads tothe same memory location bydifferenttasks running ondifferent CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic"and" and "or" operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.The Linux kernel CVE team has assigned CVE-2024-39508 to this issue.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
IntheLinuxkernel,the followingvulnerabilityhas been resolved:io_uring/io-wq: Use set_bit()andtest_bit() atworker->flagsUtilize set_bit() and test_bit() on worker->flagswithin io_uring/io-wqto address potential data races.The structureio_worker->flags may be accessed through various datapaths, leading to concurrencyissues.When KCSAN is enabled,it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN:data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 oncpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks runningon different CPUs. To mitigate this,refactorthe codeto use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safemanipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work /io_wq_activate_free_worker write to 0xffff8885c4246404 of 4bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 (Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work/ io_wq_activate_free_worker write to 0xffff8885c4246404 of4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.
| linux | | https://git.kernel.org/linus/8a565304927fbd28c9f028c492b5c1714002cbab | https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | ubuntu |
</details>
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:io_uring/io-wq: Use set_bit() and test_bit() at worker->flagsUtilize set_bit() and test_bit() on worker->flags within io_uring/io-wqto address potential data races.The structure io_worker->flags may be accessed through various datapaths, leading to concurrency issues. When KCSAN is enabled, it revealsdata races occurring in io_worker_handle_work andio_wq_activate_free_worker functions. BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) io_wq_worker (io_uring/io-wq.c:?)<snip> read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) io_wq_enqueue (io_uring/io-wq.c:947) io_queue_iowq (io_uring/io_uring.c:524) io_req_task_submit (io_uring/io_uring.c:1511) io_handle_tw_list (io_uring/io_uring.c:1198)<snip>Line numbers against commit 18daea77cca6 ( Merge tag for-linus ofgit://git.kernel.org/pub/scm/virt/kvm/kvm ).These races involve writes and reads to the same memory location bydifferent tasks running on different CPUs. To mitigate this, refactorthe code to use atomic operations such as set_bit(), test_bit(), andclear_bit() instead of basic and and or operations. This ensuresthread-safe manipulation of worker flags.Also, move `create_index` to avoid holes in the structure.