U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2024-49877 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate When doing cleanup, if flags without OCFS2_BH_READAHEAD, it may trigger NULL pointer dereference in the following ocfs2_set_buffer_uptodate() if bh is NULL.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://git.kernel.org/stable/c/01cb2e751cc61ade454c9bc1aaa2eac1f8197112 Patch 
https://git.kernel.org/stable/c/190d98bcd61117a78fe185222d162180f061a6ca
https://git.kernel.org/stable/c/33b525cef4cff49e216e4133cc48452e11c0391e Patch 
https://git.kernel.org/stable/c/46b1edf0536a5291a8ad2337f88c926214b209d9 Patch 
https://git.kernel.org/stable/c/4846e72ab5a0726e49ad4188b9d9df091ae78c64 Patch 
https://git.kernel.org/stable/c/61b84013e560382cbe7dd56758be3154d43a3988 Patch 
https://git.kernel.org/stable/c/d52c5652e7dcb7a0648bbb8642cc3e617070ab49 Patch 
https://git.kernel.org/stable/c/df944dc46d06af65a75191183d52be017e6b9dbe Patch 
https://git.kernel.org/stable/c/e68c8323355e8cedfbe0bec7d5a39009f61640b6

Weakness Enumeration

CWE-ID CWE Name Source
CWE-476 NULL Pointer Dereference cwe source acceptance level NIST  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

3 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2024-49877
NVD Published Date:
10/21/2024
NVD Last Modified:
11/08/2024
Source:
kernel.org