DEBIAN-CVE-2024-35880
- Source
- https://security-tracker.debian.org/tracker/CVE-2024-35880
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2024-35880.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2024-35880
- Upstream
- Published
- 2024-05-19T09:15:09Z
- Modified
- 2025-09-25T22:40:26Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: hold iobufferlist reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until after we're done with it. Since we're inside mmap, we cannot safely use the iouring lock. Rely on the fact that we can lookup the buffer list under RCU now and grab a reference to it, preventing it from being unregistered until we're done with it. The lookup returns the iobufferlist directly with it referenced.
- References
Affected packages
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source