CVE-2024-56709

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-56709
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56709.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-56709
Downstream
Related
Published
2024-12-29T08:42:58.403Z
Modified
2026-03-11T07:50:44.656089770Z
Summary
io_uring: check if iowq is killed before queuing
Details

In the Linux kernel, the following vulnerability has been resolved:

io_uring: check if iowq is killed before queuing

task work can be executed after the task has gone through iouring termination, whether it's the final taskwork run or the fallback path. In this case, task work will find ->iowq being already killed and null'ed, which is a problem if it then tries to forward the request to ioqueueiowq(). Make ioqueue_iowq() fail requests in this case.

Note that it also checks PFKTHREAD, because the user can first close a DEFERTASKRUN ring and shortly after kill the task, in which case ->iowq check would race.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56709.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
773af69121ecc6c53d192661af8d53bb3db028ae
Fixed
534d59ab38010aada88390db65985e65d0de7d9e
Fixed
2ca94c8de36091067b9ce7527ae8db3812d38781
Fixed
4f95a2186b7f2af09331e1e8069bcaf34fe019cf
Fixed
dbd2ca9367eb19bc5e269b8c58b0b1514ada9156

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56709.json"