{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-47696","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-09-30T16:00:12.942Z","datePublished":"2024-10-21T11:53:33.950Z","dateUpdated":"2025-11-03T22:21:01.362Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T09:37:36.111Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency\n\nIn the commit aee2424246f9 (\"RDMA/iwcm: Fix a use-after-free related to\ndestroying CM IDs\"), the function flush_workqueue is invoked to flush the\nwork queue iwcm_wq.\n\nBut at that time, the work queue iwcm_wq was created via the function\nalloc_ordered_workqueue without the flag WQ_MEM_RECLAIM.\n\nBecause the current process is trying to flush the whole iwcm_wq, if\niwcm_wq doesn't have the flag WQ_MEM_RECLAIM, verify that the current\nprocess is not reclaiming memory or running on a workqueue which doesn't\nhave the flag WQ_MEM_RECLAIM as that can break forward-progress guarantee\nleading to a deadlock.\n\nThe call trace is as below:\n\n[  125.350876][ T1430] Call Trace:\n[  125.356281][ T1430]  <TASK>\n[ 125.361285][ T1430] ? __warn (kernel/panic.c:693)\n[ 125.367640][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9))\n[ 125.375689][ T1430] ? report_bug (lib/bug.c:180 lib/bug.c:219)\n[ 125.382505][ T1430] ? handle_bug (arch/x86/kernel/traps.c:239)\n[ 125.388987][ T1430] ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1))\n[ 125.395831][ T1430] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[ 125.403125][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9))\n[ 125.410984][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9))\n[ 125.418764][ T1430] __flush_workqueue (kernel/workqueue.c:3970)\n[ 125.426021][ T1430] ? __pfx___might_resched (kernel/sched/core.c:10151)\n[ 125.433431][ T1430] ? destroy_cm_id (drivers/infiniband/core/iwcm.c:375) iw_cm\n[ 125.441209][ T1430] ? __pfx___flush_workqueue (kernel/workqueue.c:3910)\n[ 125.473900][ T1430] ? _raw_spin_lock_irqsave (arch/x86/include/asm/atomic.h:107 include/linux/atomic/atomic-arch-fallback.h:2170 include/linux/atomic/atomic-instrumented.h:1302 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:111 kernel/locking/spinlock.c:162)\n[ 125.473909][ T1430] ? __pfx__raw_spin_lock_irqsave (kernel/locking/spinlock.c:161)\n[ 125.482537][ T1430] _destroy_id (drivers/infiniband/core/cma.c:2044) rdma_cm\n[ 125.495072][ T1430] nvme_rdma_free_queue (drivers/nvme/host/rdma.c:656 drivers/nvme/host/rdma.c:650) nvme_rdma\n[ 125.505827][ T1430] nvme_rdma_reset_ctrl_work (drivers/nvme/host/rdma.c:2180) nvme_rdma\n[ 125.505831][ T1430] process_one_work (kernel/workqueue.c:3231)\n[ 125.515122][ T1430] worker_thread (kernel/workqueue.c:3306 kernel/workqueue.c:3393)\n[ 125.515127][ T1430] ? __pfx_worker_thread (kernel/workqueue.c:3339)\n[ 125.531837][ T1430] kthread (kernel/kthread.c:389)\n[ 125.539864][ T1430] ? __pfx_kthread (kernel/kthread.c:342)\n[ 125.550628][ T1430] ret_from_fork (arch/x86/kernel/process.c:147)\n[ 125.558840][ T1430] ? __pfx_kthread (kernel/kthread.c:342)\n[ 125.558844][ T1430] ret_from_fork_asm (arch/x86/entry/entry_64.S:257)\n[  125.566487][ T1430]  </TASK>\n[  125.566488][ T1430] ---[ end trace 0000000000000000 ]---"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/infiniband/core/iwcm.c"],"versions":[{"version":"d91d253c87fd1efece521ff2612078a35af673c6","lessThan":"da2708a19f45b4a7278adf523837c8db21d1e2b5","status":"affected","versionType":"git"},{"version":"7f25f296fc9bd0435be14e89bf657cd615a23574","lessThan":"29b3bbd912b8db86df7a3c180b910ccb621f5635","status":"affected","versionType":"git"},{"version":"94ee7ff99b87435ec63211f632918dc7f44dac79","lessThan":"2efe8da2ddbf873385b4bc55366d09350b408df6","status":"affected","versionType":"git"},{"version":"557d035fe88d78dd51664f4dc0e1896c04c97cf6","lessThan":"da0392698c62397c19deb1b9e9bdf2fbb5a9420e","status":"affected","versionType":"git"},{"version":"dc8074b8901caabb97c2d353abd6b4e7fa5a59a5","lessThan":"a64f30db12bdc937c5108158d98c8eab1925c548","status":"affected","versionType":"git"},{"version":"ff5bbbdee08287d75d72e65b72a2b76d9637892a","lessThan":"8b7df76356d098f85f3bd2c7cf6fb43f531893d7","status":"affected","versionType":"git"},{"version":"ee39384ee787e86e9db4efb843818ef0ea9cb8ae","lessThan":"c8b18a75282cfd27822a8cc3c1f005c1ac8d1a58","status":"affected","versionType":"git"},{"version":"aee2424246f9f1dadc33faa78990c1e2eb7826e4","lessThan":"a09dc967b3c58899e259c0aea092f421d22a0b04","status":"affected","versionType":"git"},{"version":"aee2424246f9f1dadc33faa78990c1e2eb7826e4","lessThan":"86dfdd8288907f03c18b7fb462e0e232c4f98d89","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/infiniband/core/iwcm.c"],"versions":[{"version":"6.11","status":"affected"},{"version":"0","lessThan":"6.11","status":"unaffected","versionType":"semver"},{"version":"4.19.323","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.285","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.227","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.168","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.113","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.54","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.10.13","lessThanOrEqual":"6.10.*","status":"unaffected","versionType":"semver"},{"version":"6.11.2","lessThanOrEqual":"6.11.*","status":"unaffected","versionType":"semver"},{"version":"6.12","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.320","versionEndExcluding":"4.19.323"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.282","versionEndExcluding":"5.4.285"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.224","versionEndExcluding":"5.10.227"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.165","versionEndExcluding":"5.15.168"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.103","versionEndExcluding":"6.1.113"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.44","versionEndExcluding":"6.6.54"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.10.3","versionEndExcluding":"6.10.13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.11","versionEndExcluding":"6.11.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.11","versionEndExcluding":"6.12"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/da2708a19f45b4a7278adf523837c8db21d1e2b5"},{"url":"https://git.kernel.org/stable/c/29b3bbd912b8db86df7a3c180b910ccb621f5635"},{"url":"https://git.kernel.org/stable/c/2efe8da2ddbf873385b4bc55366d09350b408df6"},{"url":"https://git.kernel.org/stable/c/da0392698c62397c19deb1b9e9bdf2fbb5a9420e"},{"url":"https://git.kernel.org/stable/c/a64f30db12bdc937c5108158d98c8eab1925c548"},{"url":"https://git.kernel.org/stable/c/8b7df76356d098f85f3bd2c7cf6fb43f531893d7"},{"url":"https://git.kernel.org/stable/c/c8b18a75282cfd27822a8cc3c1f005c1ac8d1a58"},{"url":"https://git.kernel.org/stable/c/a09dc967b3c58899e259c0aea092f421d22a0b04"},{"url":"https://git.kernel.org/stable/c/86dfdd8288907f03c18b7fb462e0e232c4f98d89"}],"title":"RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-47696","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-10-21T13:05:12.849051Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-21T13:14:14.398Z"}},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T22:21:01.362Z"}}]}}