QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2024-35815

Back to search

CVE-2024-35815

Published: May 17, 2024

Modified: May 12, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion The first kiocb_set_cancel_fn() argument may point at a struct kiocb that is not embedded inside struct aio_kiocb. With the current code, depending on the compiler, the req->ki_ctx read happens either before the IOCB_AIO_RW test or after that test. Move the req->ki_ctx read such that it is guaranteed that the IOCB_AIO_RW test happens first.

VendorProductVersions

Linux

Linux

affected
337b543e274fe7a8f47df3c8293cc6686ffa620f - < 10ca82aff58434e122c7c757cf0497c335f993f3
affected
b4eea7a05ee0ab5ab0514421e6ba8c5d249cf942 - < 396dbbc18963648e9d1a4edbb55cfe08fa374d50
affected
ea1cd64d59f22d6d13f367d62ec6e27b9344695f - < 94eb0293703ced580f05dfbe5a57da5931e9aee2
affected
d7b6fa97ec894edd02f64b83e5e72e1aa352f353 - < a71cba07783abc76b547568b6452cd1dd9981410
affected
18f614369def2a11a52f569fe0f910b199d13487 - < 18d5fc3c16cc317bd0e5f5dabe0660df415cadb7

+3 more versions

Linux

Linux

affected
4.19.308 - < 4.19.312
affected
5.4.270 - < 5.4.274
affected
5.10.211 - < 5.10.215
affected
5.15.150 - < 5.15.154
affected
6.1.80 - < 6.1.84

+2 more versions

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now