Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. As Hugh commented, "added just to silence a syzbot sanitizer splat: added where there has never been any practical problem".
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.19.323, < 4.19.325 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/36b537e8f302f670c7cf35d88a3a294443e32d52Patch
- https://git.kernel.org/stable/c/57cc8d253099d1b8627f0fb487ee011d9158ccc9
- https://git.kernel.org/stable/c/5874c1150e77296565ad6e495ef41fbf87570d14Patch
- https://git.kernel.org/stable/c/64e67e8694252c1bf01b802ee911be3fee62c36bPatch
- https://git.kernel.org/stable/c/901dc2ad7c3789fa87dc3956f6697c5d62d5cf7ePatch
- https://git.kernel.org/stable/c/a3c65022d89d5baa2cea8e87a6de983ea305f14c
- https://git.kernel.org/stable/c/d1aa0c04294e29883d65eac6c2f72fe95cc7c049Patch
- https://git.kernel.org/stable/c/d3f9d88c2c03b2646ace336236adca19f7697bd3
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
FAQ
What is CVE-2024-53136?
CVE-2024-53136 is a vulnerability with a CVSS score of 4.7 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as su...
How severe is CVE-2024-53136?
CVE-2024-53136 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-53136?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.