{"dataType":"CVE_RECORD","cveMetadata":{"cveId":"CVE-2024-35815","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-05-17T12:19:12.343Z","datePublished":"2024-05-17T13:23:20.326Z","dateUpdated":"2026-05-12T11:52:11.694Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T20:11:32.647Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion\n\nThe first kiocb_set_cancel_fn() argument may point at a struct kiocb\nthat is not embedded inside struct aio_kiocb. With the current code,\ndepending on the compiler, the req->ki_ctx read happens either before\nthe IOCB_AIO_RW test or after that test. Move the req->ki_ctx read such\nthat it is guaranteed that the IOCB_AIO_RW test happens first."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/aio.c"],"versions":[{"version":"337b543e274fe7a8f47df3c8293cc6686ffa620f","lessThan":"10ca82aff58434e122c7c757cf0497c335f993f3","status":"affected","versionType":"git"},{"version":"b4eea7a05ee0ab5ab0514421e6ba8c5d249cf942","lessThan":"396dbbc18963648e9d1a4edbb55cfe08fa374d50","status":"affected","versionType":"git"},{"version":"ea1cd64d59f22d6d13f367d62ec6e27b9344695f","lessThan":"94eb0293703ced580f05dfbe5a57da5931e9aee2","status":"affected","versionType":"git"},{"version":"d7b6fa97ec894edd02f64b83e5e72e1aa352f353","lessThan":"a71cba07783abc76b547568b6452cd1dd9981410","status":"affected","versionType":"git"},{"version":"18f614369def2a11a52f569fe0f910b199d13487","lessThan":"18d5fc3c16cc317bd0e5f5dabe0660df415cadb7","status":"affected","versionType":"git"},{"version":"e7e23fc5d5fe422827c9a43ecb579448f73876c7","lessThan":"c01ed748847fe8b810d86efc229b9e6c7fafa01e","status":"affected","versionType":"git"},{"version":"1dc7d74fe456944a9b1c57bd776280249f441ac6","lessThan":"5c43d0041e3a05c6c41c318b759fff16d2384596","status":"affected","versionType":"git"},{"version":"b820de741ae48ccf50dd95e297889c286ff4f760","lessThan":"961ebd120565cb60cebe21cb634fbc456022db4a","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/aio.c"],"versions":[{"version":"4.19.308","lessThan":"4.19.312","status":"affected","versionType":"semver"},{"version":"5.4.270","lessThan":"5.4.274","status":"affected","versionType":"semver"},{"version":"5.10.211","lessThan":"5.10.215","status":"affected","versionType":"semver"},{"version":"5.15.150","lessThan":"5.15.154","status":"affected","versionType":"semver"},{"version":"6.1.80","lessThan":"6.1.84","status":"affected","versionType":"semver"},{"version":"6.6.19","lessThan":"6.6.24","status":"affected","versionType":"semver"},{"version":"6.7.7","lessThan":"6.7.12","status":"affected","versionType":"semver"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.308","versionEndExcluding":"4.19.312"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.270","versionEndExcluding":"5.4.274"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.211","versionEndExcluding":"5.10.215"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.150","versionEndExcluding":"5.15.154"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.80","versionEndExcluding":"6.1.84"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.19","versionEndExcluding":"6.6.24"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7.7","versionEndExcluding":"6.7.12"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/10ca82aff58434e122c7c757cf0497c335f993f3"},{"url":"https://git.kernel.org/stable/c/396dbbc18963648e9d1a4edbb55cfe08fa374d50"},{"url":"https://git.kernel.org/stable/c/94eb0293703ced580f05dfbe5a57da5931e9aee2"},{"url":"https://git.kernel.org/stable/c/a71cba07783abc76b547568b6452cd1dd9981410"},{"url":"https://git.kernel.org/stable/c/18d5fc3c16cc317bd0e5f5dabe0660df415cadb7"},{"url":"https://git.kernel.org/stable/c/c01ed748847fe8b810d86efc229b9e6c7fafa01e"},{"url":"https://git.kernel.org/stable/c/5c43d0041e3a05c6c41c318b759fff16d2384596"},{"url":"https://git.kernel.org/stable/c/961ebd120565cb60cebe21cb634fbc456022db4a"}],"title":"fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CISA ADP Vulnrichment","metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-35815","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-05-20T14:12:56.685850Z"}}}],"providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-04T17:33:42.531Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T03:21:47.505Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/10ca82aff58434e122c7c757cf0497c335f993f3","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/396dbbc18963648e9d1a4edbb55cfe08fa374d50","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/94eb0293703ced580f05dfbe5a57da5931e9aee2","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/a71cba07783abc76b547568b6452cd1dd9981410","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/18d5fc3c16cc317bd0e5f5dabe0660df415cadb7","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/c01ed748847fe8b810d86efc229b9e6c7fafa01e","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/5c43d0041e3a05c6c41c318b759fff16d2384596","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/961ebd120565cb60cebe21cb634fbc456022db4a","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html","tags":["x_transferred"]}]},{"x_adpType":"supplier","providerMetadata":{"orgId":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","shortName":"siemens-SADP","dateUpdated":"2026-05-12T11:52:11.694Z"},"affected":[{"vendor":"Siemens","product":"SIMATIC S7-1500 TM MFP - GNU/Linux subsystem","versions":[{"status":"affected","version":"0","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html"}]}]},"dataVersion":"5.2"}