CVE-2024-49877

MEDIUM

Linux kernel - Null Pointer Dereference

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate When doing cleanup, if flags without OCFS2_BH_READAHEAD, it may trigger NULL pointer dereference in the following ocfs2_set_buffer_uptodate() if bh is NULL.

References (11)

Core 11

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Mailing List

https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Patch

https://git.kernel.org/stable/c/190d98bcd61117a78fe185222d162180f061a6ca

Patch

https://git.kernel.org/stable/c/e68c8323355e8cedfbe0bec7d5a39009f61640b6

Patch

https://git.kernel.org/stable/c/61b84013e560382cbe7dd56758be3154d43a3988

Patch

https://git.kernel.org/stable/c/df944dc46d06af65a75191183d52be017e6b9dbe

Patch

https://git.kernel.org/stable/c/01cb2e751cc61ade454c9bc1aaa2eac1f8197112

Patch

https://git.kernel.org/stable/c/d52c5652e7dcb7a0648bbb8642cc3e617070ab49

Patch

https://git.kernel.org/stable/c/46b1edf0536a5291a8ad2337f88c926214b209d9

Patch

https://git.kernel.org/stable/c/4846e72ab5a0726e49ad4188b9d9df091ae78c64

Patch

https://git.kernel.org/stable/c/33b525cef4cff49e216e4133cc48452e11c0391e

Scores

CVSS v3 5.5

EPSS 0.0025

EPSS Percentile 16.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (39)

linux/Kernel < 4.19.323linux

linux/Kernel 4.20.0 - 5.10.227linux

linux/Kernel 5.11.0 - 6.1.113linux

linux/Kernel 5.16.0 - 6.6.55linux

linux/Kernel 5.5.0 - 5.15.168linux

linux/Kernel 6.2.0 - 6.10.14linux

linux/Kernel 6.7.0 - 6.11.3linux

Linux/Linux < 4.20

Linux/Linux 01f93d5e36753fc4d06ec67f05ce78c9c6f2dd56

Linux/Linux 4.14.157 - 4.15

... and 29 more

Published Oct 21, 2024

Tracked Since Feb 18, 2026