memcg: fix soft lockup in the OOM process

MITRE NVD CVE.ORG JSON API Print: PDF PDF

Summary

CVECVE-2024-57977
StatePUBLISHED
AssignerLinux
Source PriorityCVE Program / NVD first with legacy fallback
Published2025-02-27 02:15:10 UTC
Updated2026-05-12 13:16:24 UTC
DescriptionIn the Linux kernel, the following vulnerability has been resolved: memcg: fix soft lockup in the OOM process A soft lockup issue was found in the product with about 56,000 tasks were in the OOM cgroup, it was traversing them when the soft lockup was triggered. watchdog: BUG: soft lockup - CPU#2 stuck for 23s! [VM Thread:1503066] CPU: 2 PID: 1503066 Comm: VM Thread Kdump: loaded Tainted: G Hardware name: Huawei Cloud OpenStack Nova, BIOS RIP: 0010:console_unlock+0x343/0x540 RSP: 0000:ffffb751447db9a0 EFLAGS: 00000247 ORIG_RAX: ffffffffffffff13 RAX: 0000000000000001 RBX: 0000000000000000 RCX: 00000000ffffffff RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000247 RBP: ffffffffafc71f90 R08: 0000000000000000 R09: 0000000000000040 R10: 0000000000000080 R11: 0000000000000000 R12: ffffffffafc74bd0 R13: ffffffffaf60a220 R14: 0000000000000247 R15: 0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f2fe6ad91f0 CR3: 00000004b2076003 CR4: 0000000000360ee0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: vprintk_emit+0x193/0x280 printk+0x52/0x6e dump_task+0x114/0x130 mem_cgroup_scan_tasks+0x76/0x100 dump_header+0x1fe/0x210 oom_kill_process+0xd1/0x100 out_of_memory+0x125/0x570 mem_cgroup_out_of_memory+0xb5/0xd0 try_charge+0x720/0x770 mem_cgroup_try_charge+0x86/0x180 mem_cgroup_try_charge_delay+0x1c/0x40 do_anonymous_page+0xb5/0x390 handle_mm_fault+0xc4/0x1f0 This is because thousands of processes are in the OOM cgroup, it takes a long time to traverse all of them. As a result, this lead to soft lockup in the OOM process. To fix this issue, call 'cond_resched' in the 'mem_cgroup_scan_tasks' function per 1000 iterations. For global OOM, call 'touch_softlockup_watchdog' per 1000 iterations to avoid this issue.

Risk And Classification

Primary CVSS: v3.1 5.5 MEDIUM from [email protected]

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Problem Types: CWE-667

CVSS v3.1 Breakdown

Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Operating System Linux Linux Kernel All All All All

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Linux Linux affected 9cbb78bb314360a860a8b23723971cb6fcb54176 72f2c0b7c152c2983ed51d48c3272cab4f34d965 git Not specified
CNA Linux Linux affected 9cbb78bb314360a860a8b23723971cb6fcb54176 110399858194c71f11afefad6e7be9e3876b284f git Not specified
CNA Linux Linux affected 9cbb78bb314360a860a8b23723971cb6fcb54176 a9042dbc1ed4bf25a5f5c699d10c3d676abf8ca2 git Not specified
CNA Linux Linux affected 9cbb78bb314360a860a8b23723971cb6fcb54176 0a09d56e1682c951046bf15542b3e9553046c9f6 git Not specified
CNA Linux Linux affected 9cbb78bb314360a860a8b23723971cb6fcb54176 972486d37169fe85035e81b8c5dff21f70df1173 git Not specified
CNA Linux Linux affected 9cbb78bb314360a860a8b23723971cb6fcb54176 c3a3741db8c1202aa959c77df3a4c361612d1eb1 git Not specified
CNA Linux Linux affected 9cbb78bb314360a860a8b23723971cb6fcb54176 46576834291869457d4772bb7df72d7c2bb3d57f git Not specified
CNA Linux Linux affected 9cbb78bb314360a860a8b23723971cb6fcb54176 ade81479c7dda1ce3eedb215c78bc615bbd04f06 git Not specified
CNA Linux Linux affected 3.6 Not specified
CNA Linux Linux unaffected 3.6 semver Not specified
CNA Linux Linux unaffected 5.4.291 5.4.* semver Not specified
CNA Linux Linux unaffected 5.10.235 5.10.* semver Not specified
CNA Linux Linux unaffected 5.15.179 5.15.* semver Not specified
CNA Linux Linux unaffected 6.1.130 6.1.* semver Not specified
CNA Linux Linux unaffected 6.6.80 6.6.* semver Not specified
CNA Linux Linux unaffected 6.12.13 6.12.* semver Not specified
CNA Linux Linux unaffected 6.13.2 6.13.* semver Not specified
CNA Linux Linux unaffected 6.14 * original_commit_for_fix Not specified
ADP Siemens SIMATIC S7-1500 CPU 1518-4 PN/DP MFP affected V3.1.5 * custom Not specified
ADP Siemens SIMATIC S7-1500 CPU 1518-4 PN/DP MFP affected V3.1.5 * custom Not specified
ADP Siemens SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP affected V3.1.5 * custom Not specified
ADP Siemens SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP affected V3.1.5 * custom Not specified
ADP Siemens SIMATIC S7-1500 TM MFP - GNU/Linux Subsystem affected * custom Not specified
ADP Siemens SIPLUS S7-1500 CPU 1518-4 PN/DP MFP affected V3.1.5 * custom Not specified

References

ReferenceSourceLinkTags
lists.debian.org/debian-lts-announce/2025/05/msg00030.html af854a3a-2127-422b-91ae-364da2661108 lists.debian.org
git.kernel.org/stable/c/a9042dbc1ed4bf25a5f5c699d10c3d676abf8ca2 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/972486d37169fe85035e81b8c5dff21f70df1173 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
cert-portal.siemens.com/productcert/html/ssa-082556.html 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e cert-portal.siemens.com
git.kernel.org/stable/c/110399858194c71f11afefad6e7be9e3876b284f 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
cert-portal.siemens.com/productcert/html/ssa-265688.html 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e cert-portal.siemens.com
git.kernel.org/stable/c/ade81479c7dda1ce3eedb215c78bc615bbd04f06 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/46576834291869457d4772bb7df72d7c2bb3d57f 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/c3a3741db8c1202aa959c77df3a4c361612d1eb1 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
lists.debian.org/debian-lts-announce/2025/05/msg00045.html af854a3a-2127-422b-91ae-364da2661108 lists.debian.org
git.kernel.org/stable/c/0a09d56e1682c951046bf15542b3e9553046c9f6 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/72f2c0b7c152c2983ed51d48c3272cab4f34d965 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report