Описание
In the Linux kernel, the following vulnerability has been resolved:
io_uring: clear opcode specific data for an early failure
If failure happens before the opcode prep handler is called, ensure that we clear the opcode specific area of the request, which holds data specific to that request type. This prevents errors where opcode handlers either don't get to clear per-request private data since prep isn't even called.
In the Linux kernel, the following vulnerability has been resolved:
io_uring: clear opcode specific data for an early failure
If failure happens before the opcode prep handler is called, ensure that we clear the opcode specific area of the request, which holds data specific to that request type. This prevents errors where opcode handlers either don't get to clear per-request private data since prep isn't even called.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-35923
- https://git.kernel.org/stable/c/21162ad2de7446438cbd6224b3794a375bcb24df
- https://git.kernel.org/stable/c/5245a6da27ef79f8dba98dad5542ebe56d311837
- https://git.kernel.org/stable/c/cb1cd176e0b431644653a7fa8691a1aaf7be98da
- https://git.kernel.org/stable/c/e21e1c45e1fe2e31732f40256b49c04e76a17cee
CVE ID
Связанные уязвимости
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
In the Linux kernel, the following vulnerability has been resolved: io_uring: clear opcode specific data for an early failure The Linux kernel CVE team has assigned CVE-2024-35923 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35923-ddae@gregkh/T
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
