CVE-2024-50091

In the Linux kernel, the following vulnerability has been resolved: dm vdo: don't refer to dedupe_context after releasing it Clear the dedupe_context pointer in a data_vio whenever ownership of the context is lost, so that vdo can't examine it accidentally.
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

12 Nov 2024, 21:44

Type Values Removed Values Added
CWE NVD-CWE-noinfo
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
First Time Linux linux Kernel
Linux
References () https://git.kernel.org/stable/c/0808ebf2f80b962e75741a41ced372a7116f1e26 - () https://git.kernel.org/stable/c/0808ebf2f80b962e75741a41ced372a7116f1e26 - Patch
References () https://git.kernel.org/stable/c/63ef073084c67878d7a92e15ad055172da3f05a3 - () https://git.kernel.org/stable/c/63ef073084c67878d7a92e15ad055172da3f05a3 - Patch

06 Nov 2024, 18:17

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dm vdo: no hacer referencia a dedupe_context después de liberarlo. Borre el puntero dedupe_context en un data_vio siempre que se pierda la propiedad del contexto, de modo que vdo no pueda examinarlo accidentalmente.

05 Nov 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-05 17:15

Updated : 2024-11-12 21:44


NVD link : CVE-2024-50091

Mitre link : CVE-2024-50091

CVE.ORG link : CVE-2024-50091


JSON object : View

Products Affected

linux

  • linux_kernel