Products
Linux Kernel
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Tags
CVE-2024-41049 details
Published : July 29, 2024, 3:15 p.m.
Last Modified : July 29, 2024, 4:21 p.m.
Last Modified : July 29, 2024, 4:21 p.m.
Description
In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free in posix_lock_inode Light Hsieh reported a KASAN UAF warning in trace_posix_lock_inode(). The request pointer had been changed earlier to point to a lock entry that was added to the inode's list. However, before the tracepoint could fire, another task raced in and freed that lock. Fix this by moving the tracepoint inside the spinlock, which should ensure that this doesn't happen.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|
References
| URL | Source |
|---|---|
| https://git.kernel.org/stable/c/02a8964260756c70b20393ad4006948510ac9967 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/116599f6a26906cf33f67975c59f0692ecf7e9b2 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/1b3ec4f7c03d4b07bad70697d7e2f4088d2cfe92 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/1cbbb3d9475c403ebedc327490c7c2b991398197 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/432b06b69d1d354a171f7499141116536579eb6a | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/5cb36e35bc10ea334810937990c2b9023dacb1b0 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/7d4c14f4b511fd4c0dc788084ae59b4656ace58b | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
This website uses the NVD API, but is not approved or certified by it.