CVE-2024-38580

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-38580
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38580.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-38580
Downstream
Related
Published
2024-06-19T14:15:18Z
Modified
2025-08-09T20:01:25Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

epoll: be better about file lifetimes

epoll can call out to vfspoll() with a file pointer that may race with the last 'fput()'. That would make fcount go down to zero, and while the ep->mtx locking means that the resulting file pointer tear-down will be blocked until the poll returns, it means that f_count is already dead, and any use of it won't actually get a reference to the file any more: it's dead regardless.

Make sure we have a valid ref on the file pointer before we call down to vfs_poll() from the epoll routines.

References

Affected packages