CVE-2024-42135

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-42135

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42135.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-42135

Downstream

BELL-CVE-2024-42135

DEBIAN-CVE-2024-42135

ECHO-192d-8546-ea59

OESA-2024-2076

UBUNTU-CVE-2024-42135

USN-7089-1

USN-7089-2

USN-7089-3

USN-7089-4

USN-7089-5

USN-7089-6

USN-7089-7

USN-7090-1

USN-7095-1

USN-7156-1

Related

Published

2024-07-30T08:15:05Z

Modified

2025-08-09T20:01:26Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

vhost_task: Handle SIGKILL by flushing work and exiting

Instead of lingering until the device is closed, this has us handle SIGKILL by:

marking the worker as killed so we no longer try to use it with new virtqueues and new flush operations.
setting the virtqueue to worker mapping so no new works are queued.
running all the exiting works.

References

Affected packages