CVE-2024-57946
📋 TL;DR
A race condition vulnerability in the Linux kernel's virtio-blk driver could cause system deadlock during suspend/resume operations. This affects Linux systems using virtio-blk for virtual block devices, particularly in virtualized environments. The issue occurs when the driver incorrectly keeps the block queue frozen throughout the entire suspend process.
💻 Affected Systems
- Linux kernel with virtio-blk driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
System deadlock during suspend/resume operations requiring hard reboot, potentially causing data corruption or service disruption.
Likely Case
System hangs or instability during power management operations, particularly in virtualized environments during VM migration or host maintenance.
If Mitigated
Minor performance impact during suspend/resume operations with proper patching.
🎯 Exploit Status
Exploitation requires triggering suspend operations on affected system, typically requiring local access or control over power management.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patched in kernel commits: 12c0ddd6c551c1e438b087f874b4f1223a75f7ea, 6dea8e3de59928974bf157dd0499d3958d744ae4, 7678abee0867e6b7fb89aa40f6e9f575f755fb37, 92d5139b91147ab372a17daf5dc27a5b9278e516, 9ca428c6397abaa8c38f5c69133a2299e1efbbf2
Vendor Advisory: https://git.kernel.org/stable/c/12c0ddd6c551c1e438b087f874b4f1223a75f7ea
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Check with your distribution for backported patches. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Avoid suspend operations
linuxPrevent system suspend operations that could trigger the deadlock condition
systemctl mask suspend.target
systemctl mask hibernate.target
systemctl mask hybrid-sleep.target
🧯 If You Can't Patch
- Avoid using suspend/hibernate functionality on affected systems
- Monitor system logs for suspend-related issues and be prepared for manual recovery
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if virtio-blk is in use: 'uname -r' and 'lsmod | grep virtio_blk'Check Version:
uname -rVerify Fix Applied:
Verify kernel version is updated to include fix commits: 'uname -r' and check with distribution patch notes📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages during suspend/resume
- System hang during power state transitions
- Virtio-blk driver error messages in dmesg
Network Indicators:
- None - local vulnerability
SIEM Query:
Search for: 'kernel panic', 'suspend failed', 'virtio_blk error' in system logs🔗 References
- https://git.kernel.org/stable/c/12c0ddd6c551c1e438b087f874b4f1223a75f7ea
- https://git.kernel.org/stable/c/6dea8e3de59928974bf157dd0499d3958d744ae4
- https://git.kernel.org/stable/c/7678abee0867e6b7fb89aa40f6e9f575f755fb37
- https://git.kernel.org/stable/c/92d5139b91147ab372a17daf5dc27a5b9278e516
- https://git.kernel.org/stable/c/9ca428c6397abaa8c38f5c69133a2299e1efbbf2
- https://git.kernel.org/stable/c/9e323f856cf4963120e0e3892a84ef8bd764a0e4
- https://git.kernel.org/stable/c/d738f3215bb4f88911ff4579780a44960c8e0ca5
- https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
