CVE-2024-57807

MEDIUM

Linux Kernel < 5.4.289 - Improper Locking

Title source: rule
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: megaraid_sas: Fix for a potential deadlock This fixes a 'possible circular locking dependency detected' warning CPU0 CPU1 ---- ---- lock(&instance->reset_mutex); lock(&shost->scan_mutex); lock(&instance->reset_mutex); lock(&shost->scan_mutex); Fix this by temporarily releasing the reset_mutex.

References (9)

Scores

CVSS v3 5.5
EPSS 0.0001
EPSS Percentile 1.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-667
Status published
Products (8)
linux/Kernel < 5.4.289linux
linux/Kernel 5.11.0 - 5.15.176linux
linux/Kernel 5.14.0 - 6.1.123linux
linux/Kernel 5.16.0 - 6.6.69linux
linux/Kernel 5.5.0 - 5.10.233linux
linux/Kernel 6.2.0 - 6.12.8linux
linux/linux_kernel 6.13 rc1
linux/linux_kernel < 5.4.289
Published Jan 11, 2025
Tracked Since Feb 18, 2026