{"id":"CVE-2024-47696","summary":"RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency\n\nIn the commit aee2424246f9 (\"RDMA/iwcm: Fix a use-after-free related to\ndestroying CM IDs\"), the function flush_workqueue is invoked to flush the\nwork queue iwcm_wq.\n\nBut at that time, the work queue iwcm_wq was created via the function\nalloc_ordered_workqueue without the flag WQ_MEM_RECLAIM.\n\nBecause the current process is trying to flush the whole iwcm_wq, if\niwcm_wq doesn't have the flag WQ_MEM_RECLAIM, verify that the current\nprocess is not reclaiming memory or running on a workqueue which doesn't\nhave the flag WQ_MEM_RECLAIM as that can break forward-progress guarantee\nleading to a deadlock.\n\nThe call trace is as below:\n\n[  125.350876][ T1430] Call Trace:\n[  125.356281][ T1430]  \u003cTASK\u003e\n[ 125.361285][ T1430] ? __warn (kernel/panic.c:693)\n[ 125.367640][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9))\n[ 125.375689][ T1430] ? report_bug (lib/bug.c:180 lib/bug.c:219)\n[ 125.382505][ T1430] ? handle_bug (arch/x86/kernel/traps.c:239)\n[ 125.388987][ T1430] ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1))\n[ 125.395831][ T1430] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[ 125.403125][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9))\n[ 125.410984][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9))\n[ 125.418764][ T1430] __flush_workqueue (kernel/workqueue.c:3970)\n[ 125.426021][ T1430] ? __pfx___might_resched (kernel/sched/core.c:10151)\n[ 125.433431][ T1430] ? destroy_cm_id (drivers/infiniband/core/iwcm.c:375) iw_cm\n[ 125.441209][ T1430] ? __pfx___flush_workqueue (kernel/workqueue.c:3910)\n[ 125.473900][ T1430] ? _raw_spin_lock_irqsave (arch/x86/include/asm/atomic.h:107 include/linux/atomic/atomic-arch-fallback.h:2170 include/linux/atomic/atomic-instrumented.h:1302 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:111 kernel/locking/spinlock.c:162)\n[ 125.473909][ T1430] ? __pfx__raw_spin_lock_irqsave (kernel/locking/spinlock.c:161)\n[ 125.482537][ T1430] _destroy_id (drivers/infiniband/core/cma.c:2044) rdma_cm\n[ 125.495072][ T1430] nvme_rdma_free_queue (drivers/nvme/host/rdma.c:656 drivers/nvme/host/rdma.c:650) nvme_rdma\n[ 125.505827][ T1430] nvme_rdma_reset_ctrl_work (drivers/nvme/host/rdma.c:2180) nvme_rdma\n[ 125.505831][ T1430] process_one_work (kernel/workqueue.c:3231)\n[ 125.515122][ T1430] worker_thread (kernel/workqueue.c:3306 kernel/workqueue.c:3393)\n[ 125.515127][ T1430] ? __pfx_worker_thread (kernel/workqueue.c:3339)\n[ 125.531837][ T1430] kthread (kernel/kthread.c:389)\n[ 125.539864][ T1430] ? __pfx_kthread (kernel/kthread.c:342)\n[ 125.550628][ T1430] ret_from_fork (arch/x86/kernel/process.c:147)\n[ 125.558840][ T1430] ? __pfx_kthread (kernel/kthread.c:342)\n[ 125.558844][ T1430] ret_from_fork_asm (arch/x86/entry/entry_64.S:257)\n[  125.566487][ T1430]  \u003c/TASK\u003e\n[  125.566488][ T1430] ---[ end trace 0000000000000000 ]---","modified":"2026-04-16T00:06:52.793056492Z","published":"2024-10-21T11:53:33.950Z","related":["SUSE-SU-2024:3984-1","SUSE-SU-2024:3986-1","SUSE-SU-2024:4100-1","SUSE-SU-2024:4315-1","SUSE-SU-2024:4318-1","SUSE-SU-2024:4364-1","SUSE-SU-2024:4376-1","SUSE-SU-2024:4387-1","SUSE-SU-2025:0034-1","SUSE-SU-2025:20163-1","SUSE-SU-2025:20164-1","SUSE-SU-2025:20246-1","SUSE-SU-2025:20247-1","USN-7276-1","USN-7277-1","openSUSE-SU-2024:14500-1","openSUSE-SU-2025:14705-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47696.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/29b3bbd912b8db86df7a3c180b910ccb621f5635"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2efe8da2ddbf873385b4bc55366d09350b408df6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/86dfdd8288907f03c18b7fb462e0e232c4f98d89"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8b7df76356d098f85f3bd2c7cf6fb43f531893d7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a09dc967b3c58899e259c0aea092f421d22a0b04"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a64f30db12bdc937c5108158d98c8eab1925c548"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c8b18a75282cfd27822a8cc3c1f005c1ac8d1a58"},{"type":"WEB","url":"https://git.kernel.org/stable/c/da0392698c62397c19deb1b9e9bdf2fbb5a9420e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/da2708a19f45b4a7278adf523837c8db21d1e2b5"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47696.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47696"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"d91d253c87fd1efece521ff2612078a35af673c6"},{"fixed":"da2708a19f45b4a7278adf523837c8db21d1e2b5"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"7f25f296fc9bd0435be14e89bf657cd615a23574"},{"fixed":"29b3bbd912b8db86df7a3c180b910ccb621f5635"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"94ee7ff99b87435ec63211f632918dc7f44dac79"},{"fixed":"2efe8da2ddbf873385b4bc55366d09350b408df6"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"557d035fe88d78dd51664f4dc0e1896c04c97cf6"},{"fixed":"da0392698c62397c19deb1b9e9bdf2fbb5a9420e"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"dc8074b8901caabb97c2d353abd6b4e7fa5a59a5"},{"fixed":"a64f30db12bdc937c5108158d98c8eab1925c548"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"ff5bbbdee08287d75d72e65b72a2b76d9637892a"},{"fixed":"8b7df76356d098f85f3bd2c7cf6fb43f531893d7"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"ee39384ee787e86e9db4efb843818ef0ea9cb8ae"},{"fixed":"c8b18a75282cfd27822a8cc3c1f005c1ac8d1a58"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"aee2424246f9f1dadc33faa78990c1e2eb7826e4"},{"fixed":"a09dc967b3c58899e259c0aea092f421d22a0b04"},{"fixed":"86dfdd8288907f03c18b7fb462e0e232c4f98d89"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47696.json"}}],"schema_version":"1.7.5"}