AZL-54098

See a problem?
Import Source
https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-54098.json
JSON Data
https://api.test.osv.dev/v1/vulns/AZL-54098
Upstream
Published
2024-07-30T08:15:05Z
Modified
2026-04-01T05:18:11.385548Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
CVE-2024-42135 affecting package kernel 5.15.200.1-1
Details

In the Linux kernel, the following vulnerability has been resolved:

vhost_task: Handle SIGKILL by flushing work and exiting

Instead of lingering until the device is closed, this has us handle SIGKILL by:

  1. marking the worker as killed so we no longer try to use it with new virtqueues and new flush operations.
  2. setting the virtqueue to worker mapping so no new works are queued.
  3. running all the exiting works.
References

Affected packages

Azure Linux:2 / kernel

Package

Name
kernel
Purl
pkg:rpm/azure-linux/kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
5.15.200.1-1

Database specific

source 
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-54098.json"