CVE-2024-35880: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-35880 is a vulnerability in the Linux kernel's iouring subsystem, specifically related to buffer list reference handling during memory mapping operations. The vulnerability was discovered on April 2, 2024, and publicly disclosed on May 19, 2024. It affects the Linux kernel's iouring implementation, particularly the handling of buffer lists during mmap operations (NVD, RedHat).

The vulnerability stems from improper reference handling in the iouring/kbuf subsystem during mmap operations. The issue occurs because the iouring lock cannot be safely used inside mmap, potentially leading to a race condition where the buffer list could be unregistered while still in use. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) by Red Hat, while ZDI assigned it a higher CVSS score of 7.8 (AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) (RedHat, ZDI).

According to the Zero Day Initiative, this vulnerability allows local attackers to escalate privileges on affected Linux kernel installations. An attacker must first obtain the ability to execute low-privileged code on the target system. The successful exploitation could lead to arbitrary code execution in the context of the kernel (ZDI).

Linux has issued an update to correct this vulnerability. The fix involves modifying the buffer list reference handling to ensure proper reference counting during mmap operations. The solution uses RCU (Read-Copy-Update) mechanism to safely look up the buffer list and maintain a reference to it until the operation is complete (RedHat).