{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-56709","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-12-27T15:00:39.857Z","datePublished":"2024-12-29T08:42:58.403Z","dateUpdated":"2025-11-03T20:53:02.240Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T10:03:01.201Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: check if iowq is killed before queuing\n\ntask work can be executed after the task has gone through io_uring\ntermination, whether it's the final task_work run or the fallback path.\nIn this case, task work will find ->io_wq being already killed and\nnull'ed, which is a problem if it then tries to forward the request to\nio_queue_iowq(). Make io_queue_iowq() fail requests in this case.\n\nNote that it also checks PF_KTHREAD, because the user can first close\na DEFER_TASKRUN ring and shortly after kill the task, in which case\n->iowq check would race."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["io_uring/io_uring.c"],"versions":[{"version":"773af69121ecc6c53d192661af8d53bb3db028ae","lessThan":"534d59ab38010aada88390db65985e65d0de7d9e","status":"affected","versionType":"git"},{"version":"773af69121ecc6c53d192661af8d53bb3db028ae","lessThan":"2ca94c8de36091067b9ce7527ae8db3812d38781","status":"affected","versionType":"git"},{"version":"773af69121ecc6c53d192661af8d53bb3db028ae","lessThan":"4f95a2186b7f2af09331e1e8069bcaf34fe019cf","status":"affected","versionType":"git"},{"version":"773af69121ecc6c53d192661af8d53bb3db028ae","lessThan":"dbd2ca9367eb19bc5e269b8c58b0b1514ada9156","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["io_uring/io_uring.c"],"versions":[{"version":"5.14","status":"affected"},{"version":"0","lessThan":"5.14","status":"unaffected","versionType":"semver"},{"version":"6.1.122","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.68","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.7","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"6.1.122"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"6.6.68"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"6.12.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"6.13"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/534d59ab38010aada88390db65985e65d0de7d9e"},{"url":"https://git.kernel.org/stable/c/2ca94c8de36091067b9ce7527ae8db3812d38781"},{"url":"https://git.kernel.org/stable/c/4f95a2186b7f2af09331e1e8069bcaf34fe019cf"},{"url":"https://git.kernel.org/stable/c/dbd2ca9367eb19bc5e269b8c58b0b1514ada9156"}],"title":"io_uring: check if iowq is killed before queuing","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T20:53:02.240Z"}}]}}