In the Linux kernel, the following vulnerability has been resolved:
io-wq: check for wq exit after adding new worker task_work
We check IO_WQ_BIT_EXIT before attempting to create a new worker, and
wq exit cancels pending work if we have any. But it's possible to have
a race between the two, where creation checks exit finding it not set,
but we're in the process of exiting. The exit side will cancel pending
creation task_work, but there's a gap where we add task_work after we've
canceled existing creations at exit time.
Fix this by checking the EXIT bit post adding the creation task_work.
If it's set, run the same cancelation that exit does.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-06-19T14:53:45.393Z
Updated: 2024-08-04T05:39:59.773Z
Reserved: 2024-05-24T15:11:00.730Z
Link: CVE-2021-47577
Vulnrichment
Updated: 2024-08-04T05:39:59.773Z
NVD
Status : Awaiting Analysis
Published: 2024-06-19T15:15:52.223
Modified: 2024-06-20T12:43:25.663
Link: CVE-2021-47577
Redhat