CVE-2024-35874 aio: Fix null ptr deref in aio_complete() wakeup

In the Linux kernel, the following vulnerability has been resolved: aio: Fix null ptr deref in aiocomplete wakeup listdelinitcareful needs to be the last access to the wait queue entry - it effectively unlocks access. Previously, finishwait would see the empty list head and skip taking the lock,...

CVE-2024-35874

In CVE-2024-35874, the Linux kernel vulnerability is a NULL pointer dereference in the aio wakeup path. The issue arises because list_del_init_careful() must be the last access to the wait queue entry, effectively unlocking access, and finish_wait() could see an empty list head, skip locking, and...

kernel security and bug fix update

2.6.18-274.3.1.0.1.el5 - fs nfs: Fix putnfsopencontext NULL pointer panic Joe Jin orabug 12687646 - scsi fix scsi hotplug and rescan race orabug 10260172 - fix filpclose race Joe Jin orabug 10335998 - fix missing aiocomplete in endio Joel Becker orabug 10365195 - make xenkbd.abspointer=1 by defau...

kernel security and bug fix update

2.6.18-238.5.1.0.1.el5 - scsi fix scsi hotplug and rescan race orabug 10260172 - fix filpclose race Joe Jin orabug 10335998 - fix missing aiocomplete in endio Joel Becker orabug 10365195 - make xenkbd.abspointer=1 by default orabug 67188919 - xen check to see if hypervisor supports memory...

kernel security and bug fix update

2.6.18-238.1.1.0.1.el5 - fix filpclose race Joe Jin orabug 10335998 - fix missing aiocomplete in endio Joel Becker orabug 10365195 - make xenkbd.abspointer=1 by default orabug 67188919 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - net Enable...