CVE-2024-42079

July 29, 2024, 4:21 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix NULL pointer dereference in gfs2_log_flush In gfs2_jindex_free(), set sdp->sd_jdesc to NULL under the log flush lock to provide exclusion against gfs2_log_flush(). In gfs2_log_flush(), check if sdp->sd_jdesc is non-NULL before dereferencing it. Otherwise, we could run into a NULL pointer dereference when outstanding glock work races with an unmount (glock_work_func -> run_queue -> do_xmote -> inode_go_sync -> gfs2_log_flush).

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/3429ef5f50909cee9e498c50f0c499b9397116ce
https://git.kernel.org/stable/c/35264909e9d1973ab9aaa2a1b07cda70f12bb828
https://git.kernel.org/stable/c/f54f9d5368a4e92ede7dd078a62788dae3a7c6ef

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-07-29
CVE-2024-42079

Timeline

Published: July 29, 2024, 4:15 p.m.
Last Modified: July 29, 2024, 4:21 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.