PT-2024-33896 · Linux+10 · Linux Kernel+10

Syzbot

·

Published

2024-10-21

·

Updated

2026-05-25

·

CVE-2024-50060

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58
Description: The issue is related to the io uring feature in the Linux kernel, where an overflow can cause a significant delay during flushing. Normally, this list is empty, but an application can overflow it, and in extreme cases, like those generated by syzbot, flushing can take a long time. The fix involves checking if rescheduling is needed during overflow flush and dropping locks to do so if necessary.
Recommendations: For Linux kernel versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue. As a temporary workaround, consider restricting the use of io uring to minimize the risk of exploitation.

Exploit

Fix

Weakness Enumeration

CWE-371

Related Identifiers

ALSA-2025:20518
ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALSA-2025_18281
ALSA-2025_19102
ALSA-2025_19103
ALSA-2025_19409
ALSA-2025_20518
ALT-PU-2025-12647
BDU:2025-07935
CVE-2024-50060
DLA-4008-1
INFSA-2025_20518
MGASA-2024-0344
MGASA-2024-0345
OESA-2024-2367
OESA-2024-2368
OESA-2024-2369
OESA-2024-2371
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_3984-1
OPENSUSE-SU-2024_3986-1
OPENSUSE-SU-2025:14705-1
RHSA-2025:20518
RHSA-2025_20518
SUSE-SU-2024:3984-1
SUSE-SU-2024:3986-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7276-1
USN-7277-1
USN-7310-1
USN-7383-1
USN-7383-2
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7403-1
USN-7451-1
USN-7468-1
USN-7523-1
USN-7524-1
USN-8279-1
USN-8279-2
USN-8279-3
USN-8291-1
USN-8291-2
USN-8291-3

Affected Products

Alt Linux
Almalinux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu