Deadlock Vulnerability in Linux Kernel SCSI Megaraid_sas Driver
CVE-2024-57807

5.5 MEDIUM

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 11 January 2025

What is CVE-2024-57807?

A deadlock vulnerability has been identified in the Linux kernel's SCSI megaraid_sas driver, where a possible circular locking dependency could lead to system instability. A circular dependency arises when two or more locks are taken in such a way that each holder is waiting for the other to release its lock, which can bring system operations to a complete standstill. The fix temporarily releases the reset_mutex so that the deadlock condition cannot form, making the SCSI subsystem more resilient.
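The circular dependency and the effect of dropping reset_mutex, modelled as an added user-space example (not the kernel patch or the driver's code): a small lock-order validator records which lock is taken while another is held and flags an acquisition that closes a cycle. `OTHER_LOCK` and the two code paths are hypothetical, since the page names only reset_mutex.

```c
#include <stdbool.h>
#include <stdio.h>
#define NLOCKS 2
enum { RESET_MUTEX, OTHER_LOCK };  /* OTHER_LOCK: hypothetical second lock */
struct validator {
    bool edge[NLOCKS][NLOCKS];     /* edge[a][b]: b was acquired while a was held */
    bool held[NLOCKS];
};

/* Depth-first search: is there a recorded ordering path from -> ... -> to? */
static bool reaches(const struct validator *v, int from, int to, bool *seen) {
    if (from == to) return true;
    seen[from] = true;
    for (int n = 0; n < NLOCKS; n++)
        if (v->edge[from][n] && !seen[n] && reaches(v, n, to, seen)) return true;
    return false;
}

/* Record an acquisition; false means it closes a cycle in the order graph. */
static bool acquire(struct validator *v, int lock) {
    bool ok = true;
    for (int h = 0; h < NLOCKS; h++) {
        bool seen[NLOCKS] = { false };
        if (!v->held[h] || h == lock) continue;
        if (reaches(v, lock, h, seen)) ok = false;  /* lock -> ... -> h exists */
        v->edge[h][lock] = true;
    }
    v->held[lock] = true;
    return ok;
}
static void release(struct validator *v, int lock) { v->held[lock] = false; }

/* Path A: OTHER_LOCK, then reset_mutex. Path B: reset_mutex, then OTHER_LOCK,
 * either still holding reset_mutex or after dropping it and retaking it later. */
bool order_is_safe(bool drop_first) {
    struct validator v = { 0 };
    bool ok = acquire(&v, OTHER_LOCK) && acquire(&v, RESET_MUTEX);
    release(&v, RESET_MUTEX); release(&v, OTHER_LOCK);
    ok = acquire(&v, RESET_MUTEX) && ok;
    if (drop_first) release(&v, RESET_MUTEX);
    ok = acquire(&v, OTHER_LOCK) && ok;
    release(&v, OTHER_LOCK);
    if (drop_first) ok = acquire(&v, RESET_MUTEX) && ok;
    release(&v, RESET_MUTEX);
    return ok;
}

int main(void) {
    printf("held: %d, dropped: %d\n", order_is_safe(false), order_is_safe(true));
    return 0;
}
```

Holding reset_mutex across the second acquisition records both orderings and is reported as a cycle; releasing it first leaves only one ordering edge in the graph.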

Affected Version(s)

Linux e8c75b5d88f255ac5dcc4a90ae0c300f0b171fe7 < 78afb9bfad00c4aa58a424111d7edbcab9452f2b

Linux 422fb12054f42c4c82e3959811afd01bc080821a

Linux ae6874ba4b43c5a00065f48599811a09d33b873d < 3c654998a3e8167a58b6c6fede545fe400a4b554

References

CVSS V3.1

Score: 5.5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
