CVE-2024-49957

Severity: Medium · CVSS 3.1 base score 5.5 · EPSS 16.1%
Published Oct 21, 2024 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix null-ptr-deref when journal load failed. During the mounting process, if journal_reset() fails because the journal is too short, jbd2_journal_load() then fails with a NULL j_sb_buffer. Subsequently, ocfs2_journal_shutdown() calls jbd2_journal_flush() -> jbd2_cleanup_journal_tail() -> __jbd2_update_log_tail() -> jbd2_journal_update_sb_log_tail() -> lock_buffer(journal->j_sb_buffer), resulting in a null-pointer dereference error. To resolve this issue, we should check the JBD2_LOADED flag to ensure the journal was properly loaded. Additionally, use journal instead of osb->journal directly to simplify the code.
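
A userspace C model of the failure path described above, added here as an illustration; it is not the kernel patch or ocfs2/jbd2 code. The struct and function names, the outcome codes and the `MODEL_MIN_BLOCKS` threshold are assumptions; only `JBD2_LOADED` and `j_sb_buffer` come from the description.

```c
#include <stdio.h>

/* Userspace model with hypothetical names, not kernel code; flag value is a model constant. */
#define JBD2_LOADED      0x010UL
#define MODEL_MIN_BLOCKS 8u /* hypothetical "too short" threshold */

enum outcome { FLUSHED, SKIPPED_NOT_LOADED, NULL_DEREF };
struct model_buffer  { int locked; };
struct model_journal { unsigned long j_flags; struct model_buffer *j_sb_buffer; };

/* Load fails for a too-short journal: j_sb_buffer stays NULL, flag stays clear. */
static int model_journal_load(struct model_journal *j, struct model_buffer *sb, unsigned blocks)
{
    if (blocks < MODEL_MIN_BLOCKS)
        return -1;
    j->j_sb_buffer = sb;
    j->j_flags |= JBD2_LOADED;
    return 0;
}

/* Stands in for the flush path ending in lock_buffer(journal->j_sb_buffer);
 * the model reports the NULL case instead of dereferencing it. */
static enum outcome model_journal_flush(struct model_journal *j)
{
    if (j->j_sb_buffer == NULL)
        return NULL_DEREF;
    j->j_sb_buffer->locked = 1;
    return FLUSHED;
}

/* Before the fix: shutdown flushes whether or not the load succeeded. */
static enum outcome shutdown_unpatched(struct model_journal *j) { return model_journal_flush(j); }

/* After the fix: flush only when JBD2_LOADED is set. */
static enum outcome shutdown_patched(struct model_journal *j)
{
    if (!(j->j_flags & JBD2_LOADED))
        return SKIPPED_NOT_LOADED;
    return model_journal_flush(j);
}

int main(void)
{
    struct model_buffer sb = {0};
    struct model_journal j = {0};
    int rc = model_journal_load(&j, &sb, 2); /* constructed input: 2 blocks, too short */
    printf("load=%d unpatched=%d patched=%d\n", rc, shutdown_unpatched(&j), shutdown_patched(&j));
    return 0;
}
```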

CVSS Details

Base Score 5.5
Exploitability 1.8
Impact 3.6
Vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
16.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 6

Vendor | Product | Version | Range
linux | linux_kernel | * | ≥2.6.32 – <5.10.227
linux | linux_kernel | * | ≥5.11 – <5.15.168
linux | linux_kernel | * | ≥5.16 – <6.1.113
linux | linux_kernel | * | ≥6.2 – <6.6.55
linux | linux_kernel | * | ≥6.7 – <6.10.14
linux | linux_kernel | * | ≥6.11 – <6.11.3

References 11

  • git.kernel.org https://git.kernel.org/stable/c/387bf565cc03e2e8c720b8b4798efea4aacb6962
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5784d9fcfd43bd853654bb80c87ef293b9e8e80a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/703b2c7e0798d263154dc8593dc2345f75dc077f
  • git.kernel.org https://git.kernel.org/stable/c/82dfdd1e31e774578f76ce6dc90c834f96403a0f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/86a89e75e9e4dfa768b97db466ad6bedf2e7ea5b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bf605ae98dab5c15c5b631d4d7f88898cb41b649
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f60e94a83db799bde625ac8671a5b4a6354e7120
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fd89d92c1140cee8f59de336cb37fa65e359c123
  • git.kernel.org https://git.kernel.org/stable/c/ff55291fb36779819211b596da703389135f5b05
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/387bf565cc03e2e8c720b8b4798efea4aacb6962
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5784d9fcfd43bd853654bb80c87ef293b9e8e80a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/82dfdd1e31e774578f76ce6dc90c834f96403a0f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/86a89e75e9e4dfa768b97db466ad6bedf2e7ea5b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bf605ae98dab5c15c5b631d4d7f88898cb41b649
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f60e94a83db799bde625ac8671a5b4a6354e7120
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ff55291fb36779819211b596da703389135f5b05
    Patch