CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size

Published Jun 19, 2024
·
Updated

In the Linux kernel, the following vulnerability has been resolved:

md: fix resync softlockup when bitmap size is less than array size

Is is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup:

kernel:watchdog: BUG: soft lockup - CPU#3 stuck for 26s! [mdXresync:6976] CPU: 7 PID: 3588 Comm: mdXresync Kdump: loaded Not tainted 6.9.0-rc4-next-20240419 #1 RIP: 0010:rawspinunlockirq+0x13/0x30 Call Trace: <TASK> mdbitmapstartsync+0x6b/0xf0 raid10syncrequest+0x25c/0x1b40 [raid10] mddosync+0x64b/0x1020 mdthread+0xa7/0x170 kthread+0xcf/0x100 retfromfork+0x30/0x50 retfromforkasm+0x1a/0x30

And the detailed process is as follows:

mddosync j = mddev->resyncmin while (j < maxsectors) sectors = raid10syncrequest(mddev, j, &skipped) if (!mdbitmapstartsync(..., &syncblocks)) // mdbitmapstartsync set syncblocks to 0 return syncblocks + sectorsskippe; // sectors = 0; j += sectors; // j never change

Root cause is that commit 301867b1c168 ("md/raid10: check slab-out-of-bounds in mdbitmapgetcounter") return early from mdbitmapgetcounter(), without setting returned blocks.

Fix this problem by always set returned blocks from mdbitmapgetcounter"(), as it used to be.

Noted that this patch just fix the softlockup problem in kernel, the case that bitmap size doesn't match array size still need to be fixed.

Other sources

In the Linux kernel, the following vulnerability has been resolved:

md: fix resync softlockup when bitmap size is less than array size

The Linux kernel CVE team has assigned CVE-2024-38598 to this issue.

Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024061956-CVE-2024-38598-8629@gregkh/T

Red Hat

Linux Kernel is vulnerable to a denial of service, caused by a flaw in Md. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.

IBM

Affected Software

22 affected componentsFixes available
redhat/kernel<4.19.316
4.19.316
redhat/kernel<5.4.278
5.4.278
redhat/kernel<5.10.219
5.10.219
redhat/kernel<5.15.161
5.15.161
redhat/kernel<6.1.93
6.1.93
redhat/kernel<6.6.33
6.6.33
redhat/kernel<6.8.12
6.8.12
redhat/kernel<6.9.3
6.9.3
redhat/kernel<6.10
6.10
Linux Linux kernel>=4.19.291<4.19.316
Linux Linux kernel>=5.4.251<5.4.278
Linux Linux kernel>=5.10.188<5.10.219
Linux Linux kernel>=5.15.121<5.15.161
Linux Linux kernel>=6.1.39<6.1.93
Linux Linux kernel>=6.5<6.6.33
Linux Linux kernel>=6.7<6.8.12
Linux Linux kernel>=6.9<6.9.3
IBM Security Verify Governance<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Software Stack<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Virtual Appliance<=ISVG 10.0.2
IBM Security Verify Governance Identity Manager Container<=ISVG 10.0.2
debian/linux
5.10.223-15.10.234-16.1.129-16.1.135-16.12.25-16.12.27-1

Remediation

Patch Available

https://git.kernel.org/stable/c/3f5b73ef8fd6268cbc968b308d8eafe56fda97f3

Patch Available

https://git.kernel.org/stable/c/43771597feba89a839c5f893716df88ae5c237ce

Patch Available

https://git.kernel.org/stable/c/5817f43ae1a118855676f57ef7ab50e37eac7482

Patch Available

https://git.kernel.org/stable/c/69296914bfd508c85935bf5f711cad9b0fe78492

Patch Available

https://git.kernel.org/stable/c/71e8e4f288e74a896b6d9cd194f3bab12bd7a10f

Patch Available

https://git.kernel.org/stable/c/8bbc71315e0ae4bb7e37f8d43b915e1cb01a481b

Patch Available

https://git.kernel.org/stable/c/c9566b812c8f66160466cc1e29df6d3646add0b1

Patch Available

https://git.kernel.org/stable/c/d4b9c764d48fa41caa24cfb4275f3aa9fb4bd798

Patch Available

https://git.kernel.org/stable/c/f0e729af2eb6bee9eb58c4df1087f14ebaefe26b

Event History

Jun 19, 2024
CVE Published
via MITRE·01:45 PM
Data Sourced
via MITRE·01:45 PM
Description
Data Sourced
via NVD·02:15 PM
RemedyDescriptionSeverityWeaknessAffected Software
Aug 8, 2024
Data Sourced
via Launchpad·11:30 PM
Description
May 1, 2025
Data Sourced
via Ubuntu·12:31 AM
RemedyDescriptionSeverityAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2024-38598?

CVE-2024-38598 has been classified as a serious vulnerability in the Linux kernel that can lead to system instability.

2

How do I fix CVE-2024-38598?

To remediate CVE-2024-38598, update the Linux kernel to versions 4.19.317, 5.4.279, 5.10.220, 5.15.162, 6.1.94, or later as recommended by your distribution.

3

What versions of the Linux kernel are affected by CVE-2024-38598?

CVE-2024-38598 affects multiple kernel versions including those before 4.19.316, 5.4.278, 5.10.219, 5.15.161, and 6.1.93.

4

Who is the vendor for the fixed versions of CVE-2024-38598?

The vendor for the fixed versions of CVE-2024-38598 is Red Hat as well as Debian for their respective kernel packages.

5

Are there specific configurations that expose systems to CVE-2024-38598?

Yes, using dm-raid10 while performing lvextend and lvchange with sync actions can trigger the soft lockup associated with CVE-2024-38598.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203