CVE-2025-21807
Published Feb 27, 2025
Last updated a month ago
- Description
- In the Linux kernel, the following vulnerability has been resolved: block: fix queue freeze vs limits lock order in sysfs store methods queue_attr_store() always freezes a device queue before calling the attribute store operation. For attributes that control queue limits, the store operation will also lock the queue limits with a call to queue_limits_start_update(). However, some drivers (e.g. SCSI sd) may need to issue commands to a device to obtain limit values from the hardware with the queue limits locked. This creates a potential ABBA deadlock situation if a user attempts to modify a limit (thus freezing the device queue) while the device driver starts a revalidation of the device queue limits. Avoid such deadlock by not freezing the queue before calling the ->store_limit() method in struct queue_sysfs_entry and instead use the queue_limits_commit_update_frozen helper to freeze the queue after taking the limits lock. This also removes taking the sysfs lock for the store_limit method as it doesn't protect anything here, but creates even more nesting. Hopefully it will go away from the actual sysfs methods entirely soon. (commit log adapted from a similar patch from Damien Le Moal)
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Received
- Hype score
- Not currently trending
🚨 CVE-2025-21807 ❓ 🏢 Linux - Linux 🏗️ 0327ca9d53bfbb0918867313049bba7046900f73 🔗 https://t.co/rlRjTxb3un 🔗 https://t.co/T9TzZSrden #CyberCron #VulnAlert @Linux https://t.co/lCp056sdpu
@cybercronai
1 Mar 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-21807 02/27/2025 08:16:03 PM In the Linux kernel, the following vulnerability has been resolved: block: fix queue freeze vs limits lock order in sysfs store methods queue_attr_store() always fr... https://t.co/dHNcj3td4o
@CVETracker
28 Feb 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes