CVE-2024-41077

July 29, 2024, 4:21 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: null_blk: fix validation of block size Block size should be between 512 and PAGE_SIZE and be a power of 2. The current check does not validate this, so update the check. Without this patch, null_blk would Oops due to a null pointer deref when loaded with bs=1536 [1]. [axboe: remove unnecessary braces and != 0 check]

Product(s) Impacted

Product Versions
Linux Kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/08f03186b96e25e3154916a2e70732557c770ea7
https://git.kernel.org/stable/c/2772ed2fc075eef7df3789906fc9dae01e4e132e
https://git.kernel.org/stable/c/9625afe1dd4a158a14bb50f81af9e2dac634c0b1
https://git.kernel.org/stable/c/9b873bdaae64bddade9d8c6df23c8a31948d47d0
https://git.kernel.org/stable/c/c462ecd659b5fce731f1d592285832fd6ad54053
https://git.kernel.org/stable/c/f92409a9da02f27d05d713bff5f865e386cef9b3

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-07-29
CVE-2024-41077

Timeline

Published: July 29, 2024, 3:15 p.m.
Last Modified: July 29, 2024, 4:21 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.