{"id":"CVE-2024-56709","summary":"io_uring: check if iowq is killed before queuing","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: check if iowq is killed before queuing\n\ntask work can be executed after the task has gone through io_uring\ntermination, whether it's the final task_work run or the fallback path.\nIn this case, task work will find -\u003eio_wq being already killed and\nnull'ed, which is a problem if it then tries to forward the request to\nio_queue_iowq(). Make io_queue_iowq() fail requests in this case.\n\nNote that it also checks PF_KTHREAD, because the user can first close\na DEFER_TASKRUN ring and shortly after kill the task, in which case\n-\u003eiowq check would race.","modified":"2026-03-20T12:40:59.217559Z","published":"2024-12-29T08:42:58.403Z","related":["ALSA-2025:20518","MGASA-2025-0030","MGASA-2025-0032","SUSE-SU-2025:0289-1","SUSE-SU-2025:0428-1","SUSE-SU-2025:0499-1","SUSE-SU-2025:0557-1","SUSE-SU-2025:20165-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20248-1","SUSE-SU-2025:20249-1","USN-7379-2","USN-7380-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56709.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/2ca94c8de36091067b9ce7527ae8db3812d38781"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4f95a2186b7f2af09331e1e8069bcaf34fe019cf"},{"type":"WEB","url":"https://git.kernel.org/stable/c/534d59ab38010aada88390db65985e65d0de7d9e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dbd2ca9367eb19bc5e269b8c58b0b1514ada9156"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56709.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56709"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"773af69121ecc6c53d192661af8d53bb3db028ae"},{"fixed":"534d59ab38010aada88390db65985e65d0de7d9e"},{"fixed":"2ca94c8de36091067b9ce7527ae8db3812d38781"},{"fixed":"4f95a2186b7f2af09331e1e8069bcaf34fe019cf"},{"fixed":"dbd2ca9367eb19bc5e269b8c58b0b1514ada9156"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56709.json"}}],"schema_version":"1.7.5"}