Description

In the Linux kernel, the following vulnerability has been resolved: io_uring: check if we need to reschedule during overflow flush In terms of normal application usage, this list will always be empty. And if an application does overflow a bit, it'll have a few entries. However, nothing obviously prevents syzbot from running a test case that generates a ton of overflow entries, and then flushing them can take quite a while. Check for needing to reschedule while flushing, and drop our locks and do so if necessary. There's no state to maintain here as overflows always prune from head-of-list, hence it's fine to drop and reacquire the locks at the end of the loop.

INFO

Published Date :

2024-10-21T19:39:49.737Z

Last Modified :

2025-11-03T22:25:00.157Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-50060 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-50060.

URL Resource
https://git.kernel.org/stable/c/a2493904e95ce94bbec819d8f7f03b99976eb25c cve-icon cve-icon
https://git.kernel.org/stable/c/c2eadeafce2d385b3f6d26a7f31fee5aba2bbbb0 cve-icon cve-icon
https://git.kernel.org/stable/c/eac2ca2d682f94f46b1973bdf5e77d85d77b8e53 cve-icon cve-icon
https://git.kernel.org/stable/c/f4ce3b5d26ce149e77e6b8e8f2058aa80e5b034e cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024102135-CVE-2024-50060-6994@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-50060 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-50060 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact