CVE-2024-26602: sched/membarrier: reduce the ability to hammer on sys_membarrier
In the Linux kernel, the following vulnerability has been resolved:
sched/membarrier: reduce the ability to hammer on sys_membarrier
On some systems, sys_membarrier can be very expensive, causing overall slowdowns for everything. So put a lock on the path in order to serialize the accesses to prevent the ability for this to be called at too high of a frequency and saturate the machine.
Other sources
In the Linux kernel, the following vulnerability has been resolved:
sched/membarrier: reduce the ability to hammer on sys_membarrier
The Linux kernel CVE team has assigned CVE-2024-26602 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024022414-CVE-2024-26602-5e76@gregkh/
— Red Hat
Linux Kernel is vulnerable to a denial of service, caused by an error related to sched/membarrier: reducing the ability to hammer on sys_membarrier. A local attacker could exploit this vulnerability to cause a denial of service.
— IBM
Frequently Asked Questions
What is the severity of CVE-2024-26602?
CVE-2024-26602 has been identified as a significant vulnerability due to its potential to cause severe performance degradation on affected systems.
How do I fix CVE-2024-26602?
To fix CVE-2024-26602, upgrade to one of the following kernel versions or later: 4.19.307, 5.4.269, 5.10.210, 5.15.149, 6.1.79, or 6.6.18.
Which systems are affected by CVE-2024-26602?
CVE-2024-26602 affects specific versions of the Linux kernel and F5 products including BIG-IP and BIG-IQ Centralized Management.
What are the consequences of not addressing CVE-2024-26602?
Failing to address CVE-2024-26602 could result in excessive resource consumption and significant performance slowdowns across systems using the affected kernel versions.
Is there a workaround for CVE-2024-26602?
There are no documented workarounds for CVE-2024-26602; upgrading to the patched kernel versions is the recommended mitigation.
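The fixed versions listed above can be checked against a host's `uname -r` string. The following is an added example, not code from the kernel project or from this advisory; the function names and status labels are hypothetical. It reports "unknown" for any stable branch this page does not list, and "check-vendor" when a build carries a distribution suffix, because vendors backport fixes without changing the upstream version number.

```python
import platform
import re

# Fixed release per stable branch, copied from the remediation answer on this page.
FIXED = {
    (4, 19): 307,
    (5, 4): 269,
    (5, 10): 210,
    (5, 15): 149,
    (6, 1): 79,
    (6, 6): 18,
}

_RELEASE_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?")


def parse_release(release):
    """Split a `uname -r` string into (major, minor, patch, suffix)."""
    m = _RELEASE_RE.match(release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0), release[m.end():]


def classify(release):
    """Return 'fixed', 'vulnerable', 'check-vendor' or 'unknown' (hypothetical labels)."""
    major, minor, patch, suffix = parse_release(release)
    fixed_patch = FIXED.get((major, minor))
    if fixed_patch is None:
        # Branch not listed on this page: do not guess either way.
        return "unknown"
    if patch >= fixed_patch:
        return "fixed"
    # A suffix such as "-97-generic" marks a distribution build; the fix may
    # have been backported, so the vendor advisory decides, not the version.
    return "check-vendor" if suffix else "vulnerable"


if __name__ == "__main__":
    running = platform.release()  # same string as `uname -r` on Linux
    print(running, classify(running))
```

A "check-vendor" or "unknown" result means the upstream version number alone cannot settle the question and the distribution's own advisory for CVE-2024-26602 should be consulted.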