{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-35815", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T12:19:12.343Z", "datePublished": "2024-05-17T13:23:20.326Z", "dateUpdated": "2025-05-04T09:05:59.810Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:05:59.810Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion\n\nThe first kiocb_set_cancel_fn() argument may point at a struct kiocb\nthat is not embedded inside struct aio_kiocb. With the current code,\ndepending on the compiler, the req->ki_ctx read happens either before\nthe IOCB_AIO_RW test or after that test. Move the req->ki_ctx read such\nthat it is guaranteed that the IOCB_AIO_RW test happens first."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/aio.c"], "versions": [{"version": "337b543e274fe7a8f47df3c8293cc6686ffa620f", "lessThan": "10ca82aff58434e122c7c757cf0497c335f993f3", "status": "affected", "versionType": "git"}, {"version": "b4eea7a05ee0ab5ab0514421e6ba8c5d249cf942", "lessThan": "396dbbc18963648e9d1a4edbb55cfe08fa374d50", "status": "affected", "versionType": "git"}, {"version": "ea1cd64d59f22d6d13f367d62ec6e27b9344695f", "lessThan": "94eb0293703ced580f05dfbe5a57da5931e9aee2", "status": "affected", "versionType": "git"}, {"version": "d7b6fa97ec894edd02f64b83e5e72e1aa352f353", "lessThan": "a71cba07783abc76b547568b6452cd1dd9981410", "status": "affected", "versionType": "git"}, {"version": "18f614369def2a11a52f569fe0f910b199d13487", "lessThan": "18d5fc3c16cc317bd0e5f5dabe0660df415cadb7", "status": "affected", "versionType": "git"}, {"version": "e7e23fc5d5fe422827c9a43ecb579448f73876c7", "lessThan": "c01ed748847fe8b810d86efc229b9e6c7fafa01e", "status": "affected", "versionType": "git"}, {"version": "1dc7d74fe456944a9b1c57bd776280249f441ac6", "lessThan": "5c43d0041e3a05c6c41c318b759fff16d2384596", "status": "affected", "versionType": "git"}, {"version": "b820de741ae48ccf50dd95e297889c286ff4f760", "lessThan": "961ebd120565cb60cebe21cb634fbc456022db4a", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/aio.c"], "versions": [{"version": "4.19.308", "lessThan": "4.19.312", "status": "affected", "versionType": "semver"}, {"version": "5.4.270", "lessThan": "5.4.274", "status": "affected", "versionType": "semver"}, {"version": "5.10.211", "lessThan": "5.10.215", "status": "affected", "versionType": "semver"}, {"version": "5.15.150", "lessThan": "5.15.154", "status": "affected", "versionType": "semver"}, {"version": "6.1.80", "lessThan": "6.1.84", "status": "affected", "versionType": "semver"}, {"version": "6.6.19", "lessThan": "6.6.24", "status": "affected", "versionType": "semver"}, {"version": "6.7.7", "lessThan": "6.7.12", "status": "affected", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19.308", "versionEndExcluding": "4.19.312"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.270", "versionEndExcluding": "5.4.274"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.211", "versionEndExcluding": "5.10.215"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.150", "versionEndExcluding": "5.15.154"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.80", "versionEndExcluding": "6.1.84"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6.19", "versionEndExcluding": "6.6.24"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7.7", "versionEndExcluding": "6.7.12"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/10ca82aff58434e122c7c757cf0497c335f993f3"}, {"url": "https://git.kernel.org/stable/c/396dbbc18963648e9d1a4edbb55cfe08fa374d50"}, {"url": "https://git.kernel.org/stable/c/94eb0293703ced580f05dfbe5a57da5931e9aee2"}, {"url": "https://git.kernel.org/stable/c/a71cba07783abc76b547568b6452cd1dd9981410"}, {"url": "https://git.kernel.org/stable/c/18d5fc3c16cc317bd0e5f5dabe0660df415cadb7"}, {"url": "https://git.kernel.org/stable/c/c01ed748847fe8b810d86efc229b9e6c7fafa01e"}, {"url": "https://git.kernel.org/stable/c/5c43d0041e3a05c6c41c318b759fff16d2384596"}, {"url": "https://git.kernel.org/stable/c/961ebd120565cb60cebe21cb634fbc456022db4a"}], "title": "fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35815", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-20T14:12:56.685850Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:33:42.531Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:47.505Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/10ca82aff58434e122c7c757cf0497c335f993f3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/396dbbc18963648e9d1a4edbb55cfe08fa374d50", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/94eb0293703ced580f05dfbe5a57da5931e9aee2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a71cba07783abc76b547568b6452cd1dd9981410", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/18d5fc3c16cc317bd0e5f5dabe0660df415cadb7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c01ed748847fe8b810d86efc229b9e6c7fafa01e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5c43d0041e3a05c6c41c318b759fff16d2384596", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/961ebd120565cb60cebe21cb634fbc456022db4a", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/10ca82aff58434e122c7c757cf0497c335f993f3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/396dbbc18963648e9d1a4edbb55cfe08fa374d50", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/94eb0293703ced580f05dfbe5a57da5931e9aee2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a71cba07783abc76b547568b6452cd1dd9981410", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/18d5fc3c16cc317bd0e5f5dabe0660df415cadb7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c01ed748847fe8b810d86efc229b9e6c7fafa01e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5c43d0041e3a05c6c41c318b759fff16d2384596", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/961ebd120565cb60cebe21cb634fbc456022db4a", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:47.505Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35815", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-20T14:12:56.685850Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:24.797Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "337b543e274f", "lessThan": "10ca82aff584", "versionType": "git"}, {"status": "affected", "version": "b4eea7a05ee0", "lessThan": "396dbbc18963", "versionType": "git"}, {"status": "affected", "version": "ea1cd64d59f2", "lessThan": "94eb0293703c", "versionType": "git"}, {"status": "affected", "version": "d7b6fa97ec89", "lessThan": "a71cba07783a", "versionType": "git"}, {"status": "affected", "version": "18f614369def", "lessThan": "18d5fc3c16cc", "versionType": "git"}, {"status": "affected", "version": "e7e23fc5d5fe", "lessThan": "c01ed748847f", "versionType": "git"}, {"status": "affected", "version": "1dc7d74fe456", "lessThan": "5c43d0041e3a", "versionType": "git"}, {"status": "affected", "version": "b820de741ae4", "lessThan": "961ebd120565", "versionType": "git"}], "programFiles": ["fs/aio.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.19.308", "lessThan": "4.19.312", "versionType": "custom"}, {"status": "affected", "version": "5.4.270", "lessThan": "5.4.274", "versionType": "custom"}, {"status": "affected", "version": "5.10.211", "lessThan": "5.10.215", "versionType": "custom"}, {"status": "affected", "version": "5.15.150", "lessThan": "5.15.154", "versionType": "custom"}, {"status": "affected", "version": "6.1.80", "lessThan": "6.1.84", "versionType": "custom"}, {"status": "affected", "version": "6.6.19", "lessThan": "6.6.24", "versionType": "custom"}, {"status": "affected", "version": "6.7.7", "lessThan": "6.7.12", "versionType": "custom"}], "programFiles": ["fs/aio.c"], "defaultStatus": "unaffected"}], "references": [{"url": "https://git.kernel.org/stable/c/10ca82aff58434e122c7c757cf0497c335f993f3"}, {"url": "https://git.kernel.org/stable/c/396dbbc18963648e9d1a4edbb55cfe08fa374d50"}, {"url": "https://git.kernel.org/stable/c/94eb0293703ced580f05dfbe5a57da5931e9aee2"}, {"url": "https://git.kernel.org/stable/c/a71cba07783abc76b547568b6452cd1dd9981410"}, {"url": "https://git.kernel.org/stable/c/18d5fc3c16cc317bd0e5f5dabe0660df415cadb7"}, {"url": "https://git.kernel.org/stable/c/c01ed748847fe8b810d86efc229b9e6c7fafa01e"}, {"url": "https://git.kernel.org/stable/c/5c43d0041e3a05c6c41c318b759fff16d2384596"}, {"url": "https://git.kernel.org/stable/c/961ebd120565cb60cebe21cb634fbc456022db4a"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion\n\nThe first kiocb_set_cancel_fn() argument may point at a struct kiocb\nthat is not embedded inside struct aio_kiocb. With the current code,\ndepending on the compiler, the req->ki_ctx read happens either before\nthe IOCB_AIO_RW test or after that test. Move the req->ki_ctx read such\nthat it is guaranteed that the IOCB_AIO_RW test happens first."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:29:29.537Z"}}}, "cveMetadata": {"cveId": "CVE-2024-35815", "state": "PUBLISHED", "dateUpdated": "2024-08-02T03:21:47.505Z", "dateReserved": "2024-05-17T12:19:12.343Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-17T13:23:20.326Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "017B5D47-54B0-4864-A4EC-76E944E9A963", "versionEndExcluding": "4.19.312", "versionStartIncluding": "4.19.308", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB25F64F-5C99-4466-8D9A-1469885E86E7", "versionEndExcluding": "5.4.274", "versionStartIncluding": "5.4.270", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AFDEF5B7-531B-41B1-B5E4-44F31E00AF98", "versionEndExcluding": "5.10.215", "versionStartIncluding": "5.10.211", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2078FD3A-BAFD-4DF4-89B3-017B721C092B", "versionEndExcluding": "5.15.154", "versionStartIncluding": "5.15.150", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "487837EB-1F63-4418-B493-430A93B5F9A1", "versionEndExcluding": "6.1.84", "versionStartIncluding": "6.1.80", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8EC52D03-C451-4B7B-BE34-6735FCBB296A", "versionEndExcluding": "6.6.24", "versionStartIncluding": "6.6.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "976AF1BD-A716-495C-BDE4-0207737C6C4B", "versionEndExcluding": "6.7.12", "versionStartIncluding": "6.7.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc6:*:*:*:*:*:*", "matchCriteriaId": "AEB9199B-AB8F-4877-8964-E2BA95B5F15C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc7:*:*:*:*:*:*", "matchCriteriaId": "C9B8A5CE-6D20-4C36-AC01-ACA4B70003A8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10:*:*:*:*:*:*:*", "matchCriteriaId": "3AA94636-56D9-400F-9B7C-6548CF182EB5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion\n\nThe first kiocb_set_cancel_fn() argument may point at a struct kiocb\nthat is not embedded inside struct aio_kiocb. With the current code,\ndepending on the compiler, the req->ki_ctx read happens either before\nthe IOCB_AIO_RW test or after that test. Move the req->ki_ctx read such\nthat it is guaranteed that the IOCB_AIO_RW test happens first."}, {"lang": "es", "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: fs/aio: verifique IOCB_AIO_RW antes de la conversi\u00f3n de struct aio_kiocb. El primer argumento kiocb_set_cancel_fn() puede apuntar a una estructura kiocb que no est\u00e1 incrustada dentro de struct aio_kiocb. Con el c\u00f3digo actual, dependiendo del compilador, la lectura req->ki_ctx ocurre antes de la prueba IOCB_AIO_RW o despu\u00e9s de esa prueba. Mueva la lectura req->ki_ctx de modo que se garantice que la prueba IOCB_AIO_RW se realice primero."}], "id": "CVE-2024-35815", "lastModified": "2025-12-15T20:43:18.127", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-17T14:15:16.077", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/10ca82aff58434e122c7c757cf0497c335f993f3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/18d5fc3c16cc317bd0e5f5dabe0660df415cadb7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/396dbbc18963648e9d1a4edbb55cfe08fa374d50"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5c43d0041e3a05c6c41c318b759fff16d2384596"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/94eb0293703ced580f05dfbe5a57da5931e9aee2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/961ebd120565cb60cebe21cb634fbc456022db4a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a71cba07783abc76b547568b6452cd1dd9981410"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c01ed748847fe8b810d86efc229b9e6c7fafa01e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/10ca82aff58434e122c7c757cf0497c335f993f3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/18d5fc3c16cc317bd0e5f5dabe0660df415cadb7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/396dbbc18963648e9d1a4edbb55cfe08fa374d50"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5c43d0041e3a05c6c41c318b759fff16d2384596"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/94eb0293703ced580f05dfbe5a57da5931e9aee2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/961ebd120565cb60cebe21cb634fbc456022db4a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a71cba07783abc76b547568b6452cd1dd9981410"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c01ed748847fe8b810d86efc229b9e6c7fafa01e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Undergoing Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion", "id": "2281206", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281206"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nfs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion\nThe first kiocb_set_cancel_fn() argument may point at a struct kiocb\nthat is not embedded inside struct aio_kiocb. With the current code,\ndepending on the compiler, the req->ki_ctx read happens either before\nthe IOCB_AIO_RW test or after that test. Move the req->ki_ctx read such\nthat it is guaranteed that the IOCB_AIO_RW test happens first.", "A flaw was found in the Linux kernel's Asynchronous I/O (AIO) subsystem. This issue occurs when handling I/O control blocks (IOCBs), where the kernel fails to properly check the `IOCB_AIO_RW` flag before converting the `aio_kiocb` structure. This oversight could lead to incorrect handling of I/O requests, resulting in unintended behavior or memory corruption."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-35815", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-35815\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35815\nhttps://lore.kernel.org/linux-cve-announce/2024051742-CVE-2024-35815-c819@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate"}

{"created": "2025-07-12T22:01:16.469140+00:00", "updated": "2025-07-12T22:01:16.469264+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}