CVE-2024-42079

MEDIUM EPSS 18.2%
Published Jul 29, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Jul 29, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix NULL pointer dereference in gfs2_log_flush In gfs2_jindex_free(), set sdp->sd_jdesc to NULL under the log flush lock to provide exclusion against gfs2_log_flush(). In gfs2_log_flush(), check if sdp->sd_jdesc is non-NULL before dereferencing it. Otherwise, we could run into a NULL pointer dereference when outstanding glock work races with an unmount (glock_work_func -> run_queue -> do_xmote -> inode_go_sync -> gfs2_log_flush).

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
18.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 2

VendorProductVersionRange
linuxlinux_kernel* <6.6.37
linuxlinux_kernel*≥6.7  –  <6.9.8

References 5

  • git.kernel.org https://git.kernel.org/stable/c/3429ef5f50909cee9e498c50f0c499b9397116ce
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/35264909e9d1973ab9aaa2a1b07cda70f12bb828
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5f6a84cfb33b34610623857bd93919dcb661e29b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c3c5cfa3170c0940bc66a142859caac07d19b9d6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f54f9d5368a4e92ede7dd078a62788dae3a7c6ef
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/3429ef5f50909cee9e498c50f0c499b9397116ce
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/35264909e9d1973ab9aaa2a1b07cda70f12bb828
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5f6a84cfb33b34610623857bd93919dcb661e29b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c3c5cfa3170c0940bc66a142859caac07d19b9d6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f54f9d5368a4e92ede7dd078a62788dae3a7c6ef
    Patch