NVD

CVE-2024-47737 Detail

Modified After Enrichment

This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes.

Description

In the Linux kernel, the following vulnerability has been resolved: nfsd: call cache_put if xdr_reserve_space returns NULL If not enough buffer space available, but idmap_lookup has triggered lookup_fn which calls cache_get and returns successfully. Then we missed to call cache_put here which pairs with cache_get. Reviwed-by: Jeff Layton <[email protected]>

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score: 5.5 MEDIUM

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL	Source(s)	Tag(s)
https://cert-portal.siemens.com/productcert/html/ssa-265688.html	siemens-SADP
https://cert-portal.siemens.com/productcert/html/ssa-355557.html	siemens-SADP
https://cert-portal.siemens.com/productcert/html/ssa-398330.html	siemens-SADP
https://git.kernel.org/stable/c/3e8081ebff12bec1347deaceb6bce0765cce54df	kernel.org
https://git.kernel.org/stable/c/81821617312988096f5deccf0f7da6f888e98056	kernel.org	Patch
https://git.kernel.org/stable/c/8d0765f86135e27f0bb5c950c136495719b4c834	kernel.org	Patch
https://git.kernel.org/stable/c/9803ab882d565a8fb2dde5999d98866d1c499dfd	kernel.org	Patch
https://git.kernel.org/stable/c/9f03f0016ff797932551881c7e06ae50e9c39134	kernel.org	Patch
https://git.kernel.org/stable/c/a1afbbb5276f943ad7173d0b4c626b8c75a260da	kernel.org	Patch
https://git.kernel.org/stable/c/c6b16e700cf4d959af524bd9d3978407ff7ce462	kernel.org
https://git.kernel.org/stable/c/d078cbf5c38de83bc31f83c47dcd2184c04a50c7	kernel.org	Patch
https://git.kernel.org/stable/c/e32ee6a61041925d1a05c14d10352dcfce9ef029	kernel.org	Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html	CVE
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html	CVE

Weakness Enumeration

CWE-ID	CWE Name	Source
CWE-476	NULL Pointer Dereference	NIST

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

9 change records found show changes

CVE Modified by siemens-SADP 6/17/2026 3:57:39 AM

Action

Type

Old Value

New Value

Added

Affected

[{"vendor":"Siemens","product":"RUGGEDCOM RST2428P","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"*","versionType":"custom","status":"unaffected"}]},{"vendor":"Siemens","product":"SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"*","versionType":"custom","status":"unaffected"}]},{"vendor":"Siemens","product":"SCALANCE XCM-/XRM-/XCH-/XRH-300 family","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"*","versionType":"custom","status":"unaffected"}]},{"vendor":"Siemens","product":"SIMATIC S7-1500 TM MFP - GNU/Linux subsystem","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"*","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP","defaultStatus":"unknown","versions":[{"version":"V3.1.0","lessThan":"V3.1.5","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP","defaultStatus":"unknown","versions":[{"version":"V3.1.0","lessThan":"V3.1.5","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP","defaultStatus":"unknown","versions":[{"version":"V3.1.0","lessThan":"V3.1.5","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP","defaultStatus":"unknown","versions":[{"version":"V3.1.0","lessThan":"V3.1.5","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP","defaultStatus":"unknown","versions":[{"version":"V3.1.0","lessThan":"V3.1.5","versionType":"custom","status":"affected"}]}]

CVE Modified by kernel.org 6/17/2026 3:57:39 AM

Action

Type

Old Value

New Value

Added

Affected

Record truncated, showing 2048 of 2695 characters.
View Entire Change Record

[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/nfsd/nfs4idmap.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"ddd1ea56367202f6c99135cd59de7a97af4c4ffd","lessThan":"3e8081ebff12bec1347deaceb6bce0765cce54df","versionType":"git","status":"affected"},{"version":"ddd1ea56367202f6c99135cd59de7a97af4c4ffd","lessThan":"c6b16e700cf4d959af524bd9d3978407ff7ce462","versionType":"git","status":"affected"},{"version":"ddd1ea56367202f6c99135cd59de7a97af4c4ffd","lessThan":"9f03f0016ff797932551881c7e06ae50e9c39134","versionType":"git","status":"affected"},{"version":"ddd1ea56367202f6c99135cd59de7a97af4c4ffd","lessThan":"9803ab882d565a8fb2dde5999d98866d1c499dfd","versionType":"git","status":"affected"},{"version":"ddd1ea56367202f6c99135cd59de7a97af4c4ffd","lessThan":"81821617312988096f5deccf0f7da6f888e98056","versionType":"git","status":"affected"},{"version":"ddd1ea56367202f6c99135cd59de7a97af4c4ffd","lessThan":"a1afbbb5276f943ad7173d0b4c626b8c75a260da","versionType":"git","status":"affected"},{"version":"ddd1ea56367202f6c99135cd59de7a97af4c4ffd","lessThan":"e32ee6a61041925d1a05c14d10352dcfce9ef029","versionType":"git","status":"affected"},{"version":"ddd1ea56367202f6c99135cd59de7a97af4c4ffd","lessThan":"8d0765f86135e27f0bb5c950c136495719b4c834","versionType":"git","status":"affected"},{"version":"ddd1ea56367202f6c99135cd59de7a97af4c4ffd","lessThan":"d078cbf5c38de83bc31f83c47dcd2184c04a50c7","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/nfsd/nfs4idmap.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.16","status":"affected"},{"version":"0","lessThan":"3.16","versionType":"semver","status":"unaffected"},{"version":"4.19.323","lessThanOrEqual":"4.19.*","versionType":"semver","status":"unaffected"},{"version":"5.4.285","lessThanOrEqual":"5.4.*","versionType":"semver","status":"unaffected"},{"version":"5.10.227

Initial Analysis by NIST 10/23/2024 1:00:01 PM

Action	Type	Old Value	New Value
Added	CVSS V3.1		NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Added	CWE		NIST CWE-476
Added	CPE Configuration		OR cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 3.16 up to (excluding) 5.10.227 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 5.11 up to (excluding) 5.15.168 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 5.16 up to (excluding) 6.1.113 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.2 up to (excluding) 6.6.54 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.7 up to (excluding) 6.10.13 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.11 up to (excluding) 6.11.2
Changed	Reference Type	https://git.kernel.org/stable/c/81821617312988096f5deccf0f7da6f888e98056 No Types Assigned	https://git.kernel.org/stable/c/81821617312988096f5deccf0f7da6f888e98056 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/8d0765f86135e27f0bb5c950c136495719b4c834 No Types Assigned	https://git.kernel.org/stable/c/8d0765f86135e27f0bb5c950c136495719b4c834 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/9803ab882d565a8fb2dde5999d98866d1c499dfd No Types Assigned	https://git.kernel.org/stable/c/9803ab882d565a8fb2dde5999d98866d1c499dfd Patch
Changed	Reference Type	https://git.kernel.org/stable/c/9f03f0016ff797932551881c7e06ae50e9c39134 No Types Assigned	https://git.kernel.org/stable/c/9f03f0016ff797932551881c7e06ae50e9c39134 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/a1afbbb5276f943ad7173d0b4c626b8c75a260da No Types Assigned	https://git.kernel.org/stable/c/a1afbbb5276f943ad7173d0b4c626b8c75a260da Patch
Changed	Reference Type	https://git.kernel.org/stable/c/d078cbf5c38de83bc31f83c47dcd2184c04a50c7 No Types Assigned	https://git.kernel.org/stable/c/d078cbf5c38de83bc31f83c47dcd2184c04a50c7 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/e32ee6a61041925d1a05c14d10352dcfce9ef029 No Types Assigned	https://git.kernel.org/stable/c/e32ee6a61041925d1a05c14d10352dcfce9ef029 Patch

New CVE Received from kernel.org 10/21/2024 9:15:03 AM

Action	Type	New Value
Added	Description	In the Linux kernel, the following vulnerability has been resolved: nfsd: call cache_put if xdr_reserve_space returns NULL If not enough buffer space available, but idmap_lookup has triggered lookup_fn which calls cache_get and returns successfully. Then we missed to call cache_put here which pairs with cache_get. Reviwed-by: Jeff Layton <[email protected]>
Added	Reference	kernel.org https://git.kernel.org/stable/c/81821617312988096f5deccf0f7da6f888e98056 [No types assigned]
Added	Reference	kernel.org https://git.kernel.org/stable/c/8d0765f86135e27f0bb5c950c136495719b4c834 [No types assigned]
Added	Reference	kernel.org https://git.kernel.org/stable/c/9803ab882d565a8fb2dde5999d98866d1c499dfd [No types assigned]
Added	Reference	kernel.org https://git.kernel.org/stable/c/9f03f0016ff797932551881c7e06ae50e9c39134 [No types assigned]
Added	Reference	kernel.org https://git.kernel.org/stable/c/a1afbbb5276f943ad7173d0b4c626b8c75a260da [No types assigned]
Added	Reference	kernel.org https://git.kernel.org/stable/c/d078cbf5c38de83bc31f83c47dcd2184c04a50c7 [No types assigned]
Added	Reference	kernel.org https://git.kernel.org/stable/c/e32ee6a61041925d1a05c14d10352dcfce9ef029 [No types assigned]

Quick Info

CVE Dictionary Entry:
CVE-2024-47737
NVD Published Date:
10/21/2024
NVD Last Modified:
06/17/2026
Source:
kernel.org

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

CVE-2024-47737 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Change History

CVE Modified by siemens-SADP 6/17/2026 3:57:39 AM

CVE Modified by CISA-ADP 6/17/2026 3:57:39 AM

CVE Modified by kernel.org 6/17/2026 3:57:39 AM

CVE Modified by siemens-SADP 5/12/2026 8:17:16 AM

CVE Modified by CVE 11/03/2025 6:16:20 PM

CVE Modified by CVE 11/03/2025 4:16:28 PM

CVE Modified by kernel.org 11/08/2024 11:15:27 AM

Initial Analysis by NIST 10/23/2024 1:00:01 PM

New CVE Received from kernel.org 10/21/2024 9:15:03 AM

Quick Info