CVE-2024-26671: blk-mq: fix IO hang from sbitmap wakeup race

Q: What is the severity of CVE-2024-26671?

CVE-2024-26671 is considered a medium severity vulnerability affecting the Linux kernel.

Q: How do I fix CVE-2024-26671?

To fix CVE-2024-26671, update the Linux kernel to the fixed versions specified in the vulnerability details.

Q: Which Linux kernel versions are affected by CVE-2024-26671?

CVE-2024-26671 affects various versions of the Linux kernel, including versions prior to 4.19.307, 5.4.269, 5.10.210, 5.15.149, 6.1.77, 6.6.16, 6.7.4, and 6.8.

Q: What type of systems are impacted by CVE-2024-26671?

Systems running vulnerable versions of the Linux kernel on Red Hat and Debian distributions are impacted by CVE-2024-26671.

Q: What are the potential consequences of CVE-2024-26671?

Exploiting CVE-2024-26671 may lead to an IO hang due to race conditions in the block layer of the Linux kernel.

Published Apr 2, 2024

Updated

blk-mq: fix IO hang from sbitmap wakeup race

Affected Software

22 affected componentsFixes available

Linux Linux kernel<4.19.307

Linux Linux kernel>=4.20<5.4.269

Linux Linux kernel>=5.5<5.10.210

Linux Linux kernel>=5.11<5.15.149

Linux Linux kernel>=5.16<6.1.77

Linux Linux kernel>=6.2<6.7.4

Debian Debian Linux=10.0

IBM Security Verify Governance<=ISVG 10.0.2

IBM Security Verify Governance, Identity Manager Software Stack<=ISVG 10.0.2

IBM Security Verify Governance, Identity Manager Virtual Appliance<=ISVG 10.0.2

IBM Security Verify Governance Identity Manager Container<=ISVG 10.0.2

debian/linux

5.10.223-15.10.234-16.1.129-16.1.135-16.12.25-16.12.27-1

redhat/kernel<4.19.307

4.19.307

redhat/kernel<5.4.269

5.4.269

redhat/kernel<5.10.210

5.10.210

redhat/kernel<5.15.149

5.15.149

redhat/kernel<6.1.77

6.1.77

redhat/kernel<6.6.16

6.6.16

redhat/kernel<6.7.4

6.7.4

redhat/kernel<6.8

6.8

Microsoft azl3 kernel 6.6.92.2-1

Patch available

Microsoft azl3 kernel 6.6.82.1-1

Patch available

Remediation

Event History

Apr 2, 2024

CVE Published

via MITRE·06:49 AM

Data Sourced

via MITRE·06:49 AM

Description

Data Sourced

via Red Hat·11:36 PM

DescriptionSeverityAffected Software

May 7, 2024

Data Sourced

via Launchpad·08:28 PM

Description

Apr 29, 2025

Data Sourced

via Ubuntu·06:12 AM

RemedyDescriptionSeverityAffected Software

Sep 4, 2025

Data Sourced

via Microsoft·07:53 AM

DescriptionSeverityWeakness

Data Sourced

via Microsoft·07:53 AM

Affected Software

Updated

via Microsoft·07:53 AM

DescriptionSeverity

Parent advisories

This vulnerability appears in the following advisories.

IBM-7230443

Frequently Asked Questions

What is the severity of CVE-2024-26671?

CVE-2024-26671 is considered a medium severity vulnerability affecting the Linux kernel.

How do I fix CVE-2024-26671?

To fix CVE-2024-26671, update the Linux kernel to the fixed versions specified in the vulnerability details.

Which Linux kernel versions are affected by CVE-2024-26671?

CVE-2024-26671 affects various versions of the Linux kernel, including versions prior to 4.19.307, 5.4.269, 5.10.210, 5.15.149, 6.1.77, 6.6.16, 6.7.4, and 6.8.

What type of systems are impacted by CVE-2024-26671?

Systems running vulnerable versions of the Linux kernel on Red Hat and Debian distributions are impacted by CVE-2024-26671.

What are the potential consequences of CVE-2024-26671?

Exploiting CVE-2024-26671 may lead to an IO hang due to race conditions in the block layer of the Linux kernel.

CVE-2024-26671: blk-mq: fix IO hang from sbitmap wakeup race

Affected Software

Remediation

Patch Available

Patch Available

Patch Available

Patch Available

Patch Available

Patch Available

Patch Available

Patch Available

Event History

Parent advisories

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2024-26671?

How do I fix CVE-2024-26671?

Which Linux kernel versions are affected by CVE-2024-26671?

What type of systems are impacted by CVE-2024-26671?

What are the potential consequences of CVE-2024-26671?

Company

Resources

Contact