Description

In the Linux kernel, the following vulnerability has been resolved: io_uring: fix possible deadlock in io_register_iowq_max_workers() The io_register_iowq_max_workers() function calls io_put_sq_data(), which acquires the sqd->lock without releasing the uring_lock. Similar to the commit 009ad9f0c6ee ("io_uring: drop ctx->uring_lock before acquiring sqd->lock"), this can lead to a potential deadlock situation. To resolve this issue, the uring_lock is released before calling io_put_sq_data(), and then it is re-acquired after the function call. This change ensures that the locks are acquired in the correct order, preventing the possibility of a deadlock.

INFO

Published Date :

2024-07-29T15:04:17.642Z

Last Modified :

2025-11-03T22:00:38.428Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-41080 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-41080.

URL Resource
https://git.kernel.org/stable/c/73254a297c2dd094abec7c9efee32455ae875bdf cve-icon cve-icon
https://git.kernel.org/stable/c/950ac86cff338ab56e2eaf611f4936ee34893b63 cve-icon cve-icon
https://git.kernel.org/stable/c/97ed7ff58de66c544692b3c2b988f3f594348de0 cve-icon cve-icon
https://git.kernel.org/stable/c/b17397a0a5c56e111f61cb5b77d162664dc00de9 cve-icon cve-icon
https://git.kernel.org/stable/c/b571a367502c7ef94c688ef9c7f7d69a2ce3bcca cve-icon cve-icon
https://git.kernel.org/stable/c/fdacd09f2ddf7a00787291f08ee48c0421e5b709 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html cve-icon
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-41080 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact