CVE-2020-12771

An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.

Weakness

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

Affected Software

Extended Description

Locking is a type of synchronization behavior that ensures that multiple independently-operating processes or threads do not interfere with each other when accessing the same resource. All processes/threads are expected to follow the same steps for locking. If these steps are not followed precisely - or if no locking is done at all - then another process/thread could modify the shared resource in a way that is not visible or predictable to the original process. This can lead to data or memory corruption, denial of service, etc.

Potential Mitigations

Related Attack Patterns

• https://cwe.mitre.org/data/definitions/25.html
• https://cwe.mitre.org/data/definitions/26.html
• https://cwe.mitre.org/data/definitions/27.html

References

• http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00071.html
• http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html
• https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html
• https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html
• https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html
• https://lkml.org/lkml/2020/4/26/87
• https://security.netapp.com/advisory/ntap-20200608-0001/
• https://usn.ubuntu.com/4462-1/
• https://usn.ubuntu.com/4463-1/
• https://usn.ubuntu.com/4465-1/
• https://usn.ubuntu.com/4483-1/
• https://usn.ubuntu.com/4485-1/
• https://www.oracle.com/security-alerts/cpuApr2021.html