U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2024-41077 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: null_blk: fix validation of block size Block size should be between 512 and PAGE_SIZE and be a power of 2. The current check does not validate this, so update the check. Without this patch, null_blk would Oops due to a null pointer deref when loaded with bs=1536 [1]. [axboe: remove unnecessary braces and != 0 check]


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://git.kernel.org/stable/c/08f03186b96e25e3154916a2e70732557c770ea7
https://git.kernel.org/stable/c/08f03186b96e25e3154916a2e70732557c770ea7
https://git.kernel.org/stable/c/2772ed2fc075eef7df3789906fc9dae01e4e132e
https://git.kernel.org/stable/c/2772ed2fc075eef7df3789906fc9dae01e4e132e
https://git.kernel.org/stable/c/9625afe1dd4a158a14bb50f81af9e2dac634c0b1
https://git.kernel.org/stable/c/9625afe1dd4a158a14bb50f81af9e2dac634c0b1
https://git.kernel.org/stable/c/9b873bdaae64bddade9d8c6df23c8a31948d47d0
https://git.kernel.org/stable/c/9b873bdaae64bddade9d8c6df23c8a31948d47d0
https://git.kernel.org/stable/c/c462ecd659b5fce731f1d592285832fd6ad54053
https://git.kernel.org/stable/c/c462ecd659b5fce731f1d592285832fd6ad54053
https://git.kernel.org/stable/c/f92409a9da02f27d05d713bff5f865e386cef9b3
https://git.kernel.org/stable/c/f92409a9da02f27d05d713bff5f865e386cef9b3

Weakness Enumeration

CWE-ID CWE Name Source

Change History

2 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2024-41077
NVD Published Date:
07/29/2024
NVD Last Modified:
11/21/2024
Source:
kernel.org