{
  "threat_severity" : "Moderate",
  "public_date" : "2025-12-24T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: virtio_pmem: add the missing REQ_OP_WRITE for flush bio",
    "id" : "2425125",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2425125"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.2",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-672",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nvirtio_pmem: add the missing REQ_OP_WRITE for flush bio\nWhen doing mkfs.xfs on a pmem device, the following warning was\n------------[ cut here ]------------\nWARNING: CPU: 2 PID: 384 at block/blk-core.c:751 submit_bio_noacct\nModules linked in:\nCPU: 2 PID: 384 Comm: mkfs.xfs Not tainted 6.4.0-rc7+ #154\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nRIP: 0010:submit_bio_noacct+0x340/0x520\n......\nCall Trace:\n<TASK>\n? submit_bio_noacct+0xd5/0x520\nsubmit_bio+0x37/0x60\nasync_pmem_flush+0x79/0xa0\nnvdimm_flush+0x17/0x40\npmem_submit_bio+0x370/0x390\n__submit_bio+0xbc/0x190\nsubmit_bio_noacct_nocheck+0x14d/0x370\nsubmit_bio_noacct+0x1ef/0x520\nsubmit_bio+0x55/0x60\nsubmit_bio_wait+0x5a/0xc0\nblkdev_issue_flush+0x44/0x60\nThe root cause is that submit_bio_noacct() needs bio_op() to be either\nWRITE or ZONE_APPEND for flush bio and async_pmem_flush() doesn't assign\nREQ_OP_WRITE when allocating flush bio, so submit_bio_noacct just fails\nthe flush bio.\nSimply fix it by adding the missing REQ_OP_WRITE for flush bio. And we\ncould fix the flush order issue and do flush optimization later.", "A flaw was discovered in the virtio_pmem driver in the Linux kernel, where flush block I/O requests did not have the required REQ_OP_WRITE operation code assigned before submission. Under workloads involving persistent memory block devices (for example, running mkfs.xfs on a pmem device), this omission can lead to bio submission warnings and improper block I/O handling." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2025-05-13T00:00:00Z",
    "advisory" : "RHSA-2025:6966",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-570.12.1.el9_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2025-05-13T00:00:00Z",
    "advisory" : "RHSA-2025:6966",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-570.12.1.el9_6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-54089\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-54089\nhttps://lore.kernel.org/linux-cve-announce/2025122406-CVE-2023-54089-ddc6@gregkh/T" ],
  "name" : "CVE-2023-54089",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}