Deadlock The advisory has been revoked - it doesn't affect any version of package kernel-cross-headers  (opens in a new tab)

The Red Hat security team deemed this advisory irrelevant for RHEL:9.

Note: Versions mentioned in the description apply only to the upstream kernel-cross-headers package and not the kernel-cross-headers package as distributed by RHEL.

In the Linux kernel, the following vulnerability has been resolved:

block: fix deadlock between bd_link_disk_holder and partition scan

'open_mutex' of gendisk is used to protect open/close block devices. But in bd_link_disk_holder(), it is used to protect the creation of symlink between holding disk and slave bdev, which introduces some issues.

When bd_link_disk_holder() is called, the driver is usually in the process of initialization/modification and may suspend submitting io. At this time, any io hold 'open_mutex', such as scanning partitions, can cause deadlocks. For example, in raid:

T1 T2 bdev_open_by_dev lock open_mutex [1] ... efi_partition ... md_submit_bio md_ioctl mddev_syspend -> suspend all io md_add_new_disk bind_rdev_to_array bd_link_disk_holder try lock open_mutex [2] md_handle_request -> wait mddev_resume

T1 scan partition, T2 add a new device to raid. T1 waits for T2 to resume mddev, but T2 waits for open_mutex held by T1. Deadlock occurs.

Fix it by introducing a local mutex 'blk_holder_mutex' to replace 'open_mutex'.

• https://access.redhat.com/security/cve/CVE-2024-26899
• https://git.kernel.org/stable/c/03f12122b20b6e6028e9ed69030a49f9cffcbb75
• https://git.kernel.org/stable/c/1e5c5b0abaee7b62a10b9707a62083b71ad21f62
• https://git.kernel.org/stable/c/5a87c1f7993bc8ac358a3766bac5dc7126e01e98