{"id":"AZL-51521","summary":"CVE-2024-50019 affecting package kernel for versions less than 6.6.57.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nkthread: unpark only parked kthread\n\nCalling into kthread unparking unconditionally is mostly harmless when\nthe kthread is already unparked. The wake up is then simply ignored\nbecause the target is not in TASK_PARKED state.\n\nHowever if the kthread is per CPU, the wake up is preceded by a call\nto kthread_bind() which expects the task to be inactive and in\nTASK_PARKED state, which obviously isn't the case if it is unparked.\n\nAs a result, calling kthread_stop() on an unparked per-cpu kthread\ntriggers such a warning:\n\n\tWARNING: CPU: 0 PID: 11 at kernel/kthread.c:525 __kthread_bind_mask kernel/kthread.c:525\n\t \u003cTASK\u003e\n\t kthread_stop+0x17a/0x630 kernel/kthread.c:707\n\t destroy_workqueue+0x136/0xc40 kernel/workqueue.c:5810\n\t wg_destruct+0x1e2/0x2e0 drivers/net/wireguard/device.c:257\n\t netdev_run_todo+0xe1a/0x1000 net/core/dev.c:10693\n\t default_device_exit_batch+0xa14/0xa90 net/core/dev.c:11769\n\t ops_exit_list net/core/net_namespace.c:178 [inline]\n\t cleanup_net+0x89d/0xcc0 net/core/net_namespace.c:640\n\t process_one_work kernel/workqueue.c:3231 [inline]\n\t process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312\n\t worker_thread+0x86d/0xd70 kernel/workqueue.c:3393\n\t kthread+0x2f0/0x390 kernel/kthread.c:389\n\t ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n\t ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\t \u003c/TASK\u003e\n\nFix this with skipping unecessary unparking while stopping a kthread.","modified":"2026-04-01T05:17:44.571612Z","published":"2024-10-21T20:15:15Z","upstream":["CVE-2024-50019"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50019"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.6.57.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-51521.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}