{"vulnerability": "CVE-2024-50079", "sightings": [{"uuid": "18ed854d-7909-4990-a913-0b438e31fdd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50079", "type": "seen", "source": "https://t.me/cvedetector/9239", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50079 - Apache Linux kernel io_uring sqpoll Task State Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50079 \nPublished : Oct. 29, 2024, 1:15 a.m. | 38\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nio_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work  \n  \nWhen the sqpoll is exiting and cancels pending work items, it may need  \nto run task_work. If this happens from within io_uring_cancel_generic(),  \nthen it may be under waiting for the io_uring_task waitqueue. This  \nresults in the below splat from the scheduler, as the ring mutex may be  \nattempted grabbed while in a TASK_INTERRUPTIBLE state.  \n  \nEnsure that the task state is set appropriately for that, just like what  \nis done for the other cases in io_run_task_work().  \n  \ndo not call blocking ops when !TASK_RUNNING; state=1 set at [<0000000029387fd2] prepare_to_wait+0x88/0x2fc  \nWARNING: CPU: 6 PID: 59939 at kernel/sched/core.c:8561 __might_sleep+0xf4/0x140  \nModules linked in:  \nCPU: 6 UID: 0 PID: 59939 Comm: iou-sqp-59938 Not tainted 6.12.0-rc3-00113-g8d020023b155 #7456  \nHardware name: linux,dummy-virt (DT)  \npstate: 61400005 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)  \npc : __might_sleep+0xf4/0x140  \nlr : __might_sleep+0xf4/0x140  \nsp : ffff80008c5e7830  \nx29: ffff80008c5e7830 x28: ffff0000d93088c0 x27: ffff60001c2d7230  \nx26: dfff800000000000 x25: ffff0000e16b9180 x24: ffff80008c5e7a50  \nx23: 1ffff000118bcf4a x22: ffff0000e16b9180 x21: ffff0000e16b9180  \nx20: 000000000000011b x19: ffff80008310fac0 x18: 1ffff000118bcd90  \nx17: 30303c5b20746120 x16: 74657320313d6574 x15: 0720072007200720  \nx14: 0720072007200720 x13: 0720072007200720 x12: ffff600036c64f0b  \nx11: 1fffe00036c64f0a x10: ffff600036c64f0a x9 : dfff800000000000  \nx8 : 00009fffc939b0f6 x7 : ffff0001b6327853 x6 : 0000000000000001  \nx5 : ffff0001b6327850 x4 : ffff600036c64f0b x3 : ffff8000803c35bc  \nx2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000e16b9180  \nCall trace:  \n __might_sleep+0xf4/0x140  \n mutex_lock+0x84/0x124  \n io_handle_tw_list+0xf4/0x260  \n tctx_task_work_run+0x94/0x340  \n io_run_task_work+0x1ec/0x3c0  \n io_uring_cancel_generic+0x364/0x524  \n io_sq_thread+0x820/0x124c  \n ret_from_fork+0x10/0x20 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T03:03:54.000000Z"}]}