In the Linux kernel, the following vulnerability has been...
Unreviewed
Published
May 1, 2024
to the GitHub Advisory Database
•
Updated May 12, 2024
Description
Published by the National Vulnerability Database
May 1, 2024
Published to the GitHub Advisory Database
May 1, 2024
Last updated
May 12, 2024
In the Linux kernel, the following vulnerability has been resolved:
s390/cio: fix race condition during online processing
A race condition exists in ccw_device_set_online() that can cause the
online process to fail, leaving the affected device in an inconsistent
state. As a result, subsequent attempts to set that device online fail
with return code ENODEV.
The problem occurs when a path verification request arrives after
a wait for final device state completed, but before the result state
is evaluated.
Fix this by ensuring that the CCW-device lock is held between
determining final state and checking result state.
Note that since:
commit 2297791c92d0 ("s390/cio: dont unregister subchannel from child-drivers")
path verification requests are much more likely to occur during boot,
resulting in an increased chance of this race condition occurring.
References