{"uuid": "78dcb467-2d38-4a3f-9e52-926a11f77077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35880", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14741", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-35880\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/kbuf: hold io_buffer_list reference over mmap\n\nIf we look up the kbuf, ensure that it doesn't get unregistered until\nafter we're done with it. Since we're inside mmap, we cannot safely use\nthe io_uring lock. Rely on the fact that we can lookup the buffer list\nunder RCU now and grab a reference to it, preventing it from being\nunregistered until we're done with it. The lookup returns the\nio_buffer_list directly with it referenced.\n\ud83d\udccf Published: 2024-05-19T08:34:37.262Z\n\ud83d\udccf Modified: 2025-05-04T09:07:30.099Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/65938e81df2197203bda4b9a0c477e7987218d66\n2. https://git.kernel.org/stable/c/5fd8e2359498043e0b5329a05f02d10a9eb91eb9\n3. https://git.kernel.org/stable/c/561e4f9451d65fc2f7eef564e0064373e3019793", "creation_timestamp": "2025-05-04T09:17:47.000000Z"}