CVE-2024-41075

July 29, 2024, 4:21 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added checks are listed below: * Generic, copen can only complete open requests, and cread can only complete read requests. * For copen, ondemand_id must not be 0, because this indicates that the request has not been read by the daemon. * For cread, the object corresponding to fd and req should be the same.

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/36d845ccd7bf527110a65fe953886a176c209539
https://git.kernel.org/stable/c/3b744884c0431b5a62c92900e64bfd0ed61e8e2a
https://git.kernel.org/stable/c/8aaa6c5dd2940ab934d6cd296175f43dbb32b34a
https://git.kernel.org/stable/c/a26dc49df37e996876f50a0210039b2d211fdd6f

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-07-29
CVE-2024-41075

Timeline

Published: July 29, 2024, 3:15 p.m.
Last Modified: July 29, 2024, 4:21 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.