May 17, 2024 - 1:41 p.m.

CVE-2024-35831 io_uring: Fix release of pinned pages when __io_uaddr_map fails

2024-05-17 13:41:23
Linux
raw.githubusercontent.com
Tags: linux kernel, vulnerability, io_uring, pinned pages, error handler, memory fragmentation, cve-2024-35831

AI Score: 6.7 Medium (Confidence: Low)

EPSS: 0.0004 Low (Percentile: 15.1%)

In the Linux kernel, the following vulnerability has been resolved:

io_uring: Fix release of pinned pages when __io_uaddr_map fails

Looking at the error path of __io_uaddr_map, if we fail after pinning
the pages for any reasons, ret will be set to -EINVAL and the error
handler won’t properly release the pinned pages.

I didn’t manage to trigger it without forcing a failure, but it can
happen in real life when memory is heavily fragmented.
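
The error-path pattern described above, as an added userspace model (not the kernel's code and not part of the original advisory): a return variable that first holds the pinned-page count and is then overwritten with `-EINVAL`, so the cleanup guard never fires. `mock_pin_pages`, `mock_unpin_pages`, `map_buggy`, `map_fixed` and the `force_fail` flag are hypothetical names; the forced failure stands in for any failure after pinning.

```c
#include <errno.h>
#include <stdio.h>

/* Hypothetical userspace stand-ins for the kernel's page pin/unpin helpers. */
static int pinned_now;                      /* pages currently pinned */
static int mock_pin_pages(int nr) { pinned_now += nr; return nr; }
static void mock_unpin_pages(int nr) { pinned_now -= nr; }
int pinned_pages(void) { return pinned_now; }
void reset_pins(void) { pinned_now = 0; }

/* Buggy shape: ret first holds the pinned count, then the error code.
 * force_fail models any failure that occurs after pinning succeeded. */
int map_buggy(int nr, int force_fail)
{
    int ret = mock_pin_pages(nr);
    if (ret != nr)
        goto err;
    if (force_fail) {
        ret = -EINVAL;                      /* pinned count is lost here */
        goto err;
    }
    return 0;
err:
    if (ret > 0)                            /* false once ret == -EINVAL */
        mock_unpin_pages(ret);
    return ret < 0 ? ret : -ENOMEM;
}

/* Corrected shape: the pinned count lives in its own variable. */
int map_fixed(int nr, int force_fail)
{
    int pinned = mock_pin_pages(nr);
    int ret = (pinned == nr && !force_fail) ? 0 : -EINVAL;
    if (ret == 0)
        return 0;
    if (pinned > 0)
        mock_unpin_pages(pinned);
    return ret;
}

int main(void)
{
    int rc = map_buggy(4, 1);
    printf("buggy: rc=%d still pinned=%d\n", rc, pinned_pages());
    reset_pins();
    rc = map_fixed(4, 1);
    printf("fixed: rc=%d still pinned=%d\n", rc, pinned_pages());
    return 0;
}
```

On the success path both functions leave the pages pinned on purpose, since the mapping is still in use; only the failure path should return the counter to zero.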
