In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN We found a few different systems hung up in writeback waiting on the same page lock, and one task waiting on the NFS_LAYOUT_DRAIN bit in pnfs_update_layout(), however the pnfs_layout_hdr's plh_outstanding count was zero. It seems most likely that this is another race between the waiter and waker similar to commit ed0172af5d6f ("SUNRPC: Fix a race to wake a sync task"). Fix it up by applying the advised barrier.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: NFSv4/pNFS: Corrección de una ejecución para reactivar NFS_LAYOUT_DRAIN. Se encontraron varios sistemas bloqueados en espera de escritura diferida en el mismo bloqueo de página, y una tarea esperando el bit NFS_LAYOUT_DRAIN en pnfs_update_layout(). Sin embargo, el recuento plh_outstanding de pnfs_layout_hdr era cero. Lo más probable es que se trate de otra ejecución entre el que espera y el que reactiva, similar al commit ed0172af5d6f ("SUNRPC: Corrección de una ejecución para reactivar una tarea de sincronización"). Se soluciona aplicando la barrera recomendada.
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
| Attack Vector | LOCAL |
|---|---|
| Attack Complexity | HIGH |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | HIGH |
| Source | Type | Description |
|---|---|---|
| [email protected] | Primary |
en
CWE-362
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bde03cbc0> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdc372100> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bde03da00> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdc373300> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdc3719c0> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdc372600> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdc370480> | Operating System |
| linux | linux_kernel | 5.19 | <built-in method update of dict object at 0x702bde03f0c0> | Operating System |
| linux | linux_kernel | 5.19 | <built-in method update of dict object at 0x702bdc3725c0> | Operating System |
| linux | linux_kernel | 5.19 | <built-in method update of dict object at 0x702bdc3721c0> | Operating System |
| linux | linux_kernel | 5.19 | <built-in method update of dict object at 0x702bdc60ce80> | Operating System |
| linux | linux_kernel | 5.19 | <built-in method update of dict object at 0x702bdc373b80> | Operating System |
| linux | linux_kernel | 5.19 | <built-in method update of dict object at 0x702bdc371fc0> | Operating System |
| linux | linux_kernel | 5.19 | <built-in method update of dict object at 0x702bdc373d00> | Operating System |
| linux | linux_kernel | 6.16 | <built-in method update of dict object at 0x702bde03e240> | Operating System |
| linux | linux_kernel | 6.16 | <built-in method update of dict object at 0x702bde03c400> | Operating System |
| linux | linux_kernel | 6.16 | <built-in method update of dict object at 0x702bde03ca80> | Operating System |
| linux | linux_kernel | 6.16 | <built-in method update of dict object at 0x702bdc373bc0> | Operating System |
| debian | debian_linux | 11.0 | <built-in method update of dict object at 0x702bde03de00> | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:5.19:-:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:5.19:rc3:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:5.19:rc4:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:5.19:rc5:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:5.19:rc6:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:5.19:rc7:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:5.19:rc8:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.16:rc1:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.16:rc2:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.16:rc3:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.16:rc4:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |