- Vulnerability/
- CVE-2024-56641
CVE-2024-56641: net/smc: initialize close_work early to avoid warning
First published: Fri Dec 27 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: net/smc: initialize close_work early to avoid warning We encountered a warning that close_work was canceled before initialization. WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 __flush_work+0x19e/0x1b0 Workqueue: events smc_lgr_terminate_work [smc] RIP: 0010:__flush_work+0x19e/0x1b0 Call Trace: ? __wake_up_common+0x7a/0x190 ? work_busy+0x80/0x80 __cancel_work_timer+0xe3/0x160 smc_close_cancel_work+0x1a/0x70 [smc] smc_close_active_abort+0x207/0x360 [smc] __smc_lgr_terminate.part.38+0xc8/0x180 [smc] process_one_work+0x19e/0x340 worker_thread+0x30/0x370 ? process_one_work+0x340/0x340 kthread+0x117/0x130 ? __kthread_cancel_work+0x50/0x50 ret_from_fork+0x22/0x30 This is because when smc_close_cancel_work is triggered, e.g. the RDMA driver is rmmod and the LGR is terminated, the conn->close_work is flushed before initialization, resulting in WARN_ON(!work->func). __smc_lgr_terminate | smc_connect_{rdma|ism} ------------------------------------------------------------- | smc_conn_create | \- smc_lgr_register_conn for conn in lgr->conns_all | \- smc_conn_kill | \- smc_close_active_abort | \- smc_close_cancel_work | \- cancel_work_sync | \- __flush_work | (close_work) | | smc_close_init | \- INIT_WORK(&close_work) So fix this by initializing close_work before establishing the connection.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | ||
| debian/linux | <=5.10.223-1<=5.10.234-1<=6.1.129-1<=6.1.128-1 | 6.12.20-1 6.12.21-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/0541db8ee32c09463a72d0987382b3a3336b0043
- https://git.kernel.org/stable/c/6638e52dcfafaf1b9cbc34544f0c832db0069ea1
- https://git.kernel.org/stable/c/f0c37002210aaede10dae849d1a78efc2243add2
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56641
- https://nvd.nist.gov/vuln/detail/CVE-2024-56641
- https://launchpad.net/bugs/cve/CVE-2024-56641
- https://security-tracker.debian.org/tracker/CVE-2024-56641
- https://ubuntu.com/security/CVE-2024-56641
- https://git.kernel.org/linus/0541db8ee32c09463a72d0987382b3a3336b0043
Frequently Asked Questions
What is the severity of CVE-2024-56641?
The severity of CVE-2024-56641 is considered to be low as it relates to a warning rather than a security exploit.
How do I fix CVE-2024-56641?
To fix CVE-2024-56641, update your Linux kernel to the latest version where this issue has been resolved.
What versions of the Linux kernel are affected by CVE-2024-56641?
CVE-2024-56641 affects various versions of the Linux kernel prior to the patch that addresses this issue.
What systems are impacted by CVE-2024-56641?
Any system running an affected version of the Linux kernel may experience warnings related to this vulnerability.
What type of issue does CVE-2024-56641 address?
CVE-2024-56641 addresses a programming issue in the Linux kernel that may lead to a warning during operation.
- agent/severity
- agent/title
- agent/type
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/usn-cve
- source/Ubuntu
- collector/nvd-cve
- collector/launchpad-cve
- source/Launchpad
- agent/references
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- agent/event
- collector/security-tracker-debian
- source/Debian
- vendor/linux
- canonical/linux kernel
- package-manager/debian