{"id":"CVE-2024-38580","summary":"epoll: be better about file lifetimes","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nepoll: be better about file lifetimes\n\nepoll can call out to vfs_poll() with a file pointer that may race with\nthe last 'fput()'. That would make f_count go down to zero, and while\nthe ep-\u003emtx locking means that the resulting file pointer tear-down will\nbe blocked until the poll returns, it means that f_count is already\ndead, and any use of it won't actually get a reference to the file any\nmore: it's dead regardless.\n\nMake sure we have a valid ref on the file pointer before we call down to\nvfs_poll() from the epoll routines.","modified":"2026-04-02T12:16:51.687043Z","published":"2024-06-19T13:37:37.840Z","related":["ALSA-2024:4928","MGASA-2024-0263","MGASA-2024-0266","SUSE-SU-2024:2360-1","SUSE-SU-2024:2372-1","SUSE-SU-2024:2381-1","SUSE-SU-2024:2394-1","SUSE-SU-2024:2561-1","SUSE-SU-2024:2571-1","SUSE-SU-2024:2896-1","SUSE-SU-2024:2939-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38580.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/16e3182f6322575eb7c12e728ad3c7986a189d5d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4efaa5acf0a1d2b5947f98abb3acf8bfd966422b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4f65f4defe4e23659275ce5153541cd4f76ce2d2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/559214eb4e5c3d05e69428af2fae2691ba1eb784"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cbfd1088e24ec4c1199756a37cb8e4cd0a4b016e"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38580.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38580"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2"},{"fixed":"cbfd1088e24ec4c1199756a37cb8e4cd0a4b016e"},{"fixed":"559214eb4e5c3d05e69428af2fae2691ba1eb784"},{"fixed":"4f65f4defe4e23659275ce5153541cd4f76ce2d2"},{"fixed":"16e3182f6322575eb7c12e728ad3c7986a189d5d"},{"fixed":"4efaa5acf0a1d2b5947f98abb3acf8bfd966422b"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-38580.json"}}],"schema_version":"1.7.5"}