Primary

Context

Linux Kernel Potential Deadlock Vulnerability in blk_ia_range_sysfs_show()

Vulnerability

A vulnerability in the Linux kernel could lead to a deadlock situation in the blk_ia_range_sysfs_show() function. This issue arises because the function reads a sysfs attribute that is already protected against removal by the kobject node active reference counter. As a result, there is no need to use the queue sysfs lock when accessing the range attribute value. The unnecessary use of this lock can create a deadlock with disk removal processes, a scenario indicated by lockdep with a warning when the device is removed.

Impact

The vulnerability can cause a deadlock, where two processes are unable to proceed because each is waiting for the other to release a lock, potentially leading to a system hang.

Remediation

The vulnerability has been addressed by removing the mutex_lock() and mutex_unlock() calls from the blk_ia_range_sysfs_show() function.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Potential Deadlock Vulnerability in blk_ia_range_sysfs_show()

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating