CVE-2024-56547: 
Linux Debian vulnerability analysis and mitigation

In the Linux kernel, a vulnerability has been identified and resolved in the RCU (Read-Copy-Update) subsystem, specifically in the nocb (No Callbacks) component. The issue was discovered when running rcutorture tests with specific parameters and affects the RCU barrier functionality during deoffloading operations. This vulnerability was disclosed on December 27, 2024, and is tracked as CVE-2024-56547 (NVD, Kernel Git).

The vulnerability manifests when running rcutorture tests with specific parameters (torturetype=rcu fwdprogress=8 nbarriercbs=8 nocbsnthreads=8 nocbstoggle=100 onoffinterval=60 testboost=2). The issue occurs in the RCU nocb deoffloading process where a race condition can happen between barrier callback execution and callbacks counter decrement. This leads to a WARNONONCE() trigger in the rcunocbrdp_deoffload function and can potentially cause a system deadlock (Kernel Git).

The vulnerability can result in two primary issues: First, it triggers a warning in the kernel (WARNONONCE) indicating a potential system state inconsistency. Second, and more severely, it can cause a system deadlock when multiple RCU barriers are racing during the deoffloading process (NVD).

The issue has been fixed by adding a check for rdp->nocbcbsleep before parking to ensure no further rcubarrier() is waiting on the rdp. The fix involves modifying the nocbcbwait function to handle racing rcubarrier() calls more gracefully (Kernel Git).