vulnerability

Huawei EulerOS: CVE-2024-56709: kernel security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	2024-12-29	2025-04-01	2025-04-02

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

2024-12-29

Added

2025-04-01

Modified

2025-04-02

Description

In the Linux kernel, the following vulnerability has been resolved:

io_uring: check if iowq is killed before queuing

task work can be executed after the task has gone through io_uring
termination, whether it's the final task_work run or the fallback path.
In this case, task work will find ->io_wq being already killed and
null'ed, which is a problem if it then tries to forward the request to
io_queue_iowq(). Make io_queue_iowq() fail requests in this case.

Note that it also checks PF_KTHREAD, because the user can first close
a DEFER_TASKRUN ring and shortly after kill the task, in which case
->iowq check would race.

Solution(s)

huawei-euleros-2_0_sp13-upgrade-bpftoolhuawei-euleros-2_0_sp13-upgrade-kernelhuawei-euleros-2_0_sp13-upgrade-kernel-abi-stablelistshuawei-euleros-2_0_sp13-upgrade-kernel-toolshuawei-euleros-2_0_sp13-upgrade-kernel-tools-libshuawei-euleros-2_0_sp13-upgrade-python3-perf

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today