CVE-2024-42135

MEDIUM5.5

vhost_task: Handle SIGKILL by flushing work and exiting

Published Jul 30, 2024

Modified 1 weeks ago

No fix available

In the Linux kernel, the following vulnerability has been resolved:

vhost_task: Handle SIGKILL by flushing work and exiting

Instead of lingering until the device is closed, this has us handle SIGKILL by:

marking the worker as killed so we no longer try to use it with new virtqueues and new flush operations.
setting the virtqueue to worker mapping so no new works are queued.
running all the exiting works.

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

PublishedJul 30, 2024

ModifiedJan 5, 2026