5.5

CVE-2024-40938

landlock: Fix d_parent walk

In the Linux kernel, the following vulnerability has been resolved:

landlock: Fix d_parent walk

The WARN_ON_ONCE() in collect_domain_accesses() can be triggered when
trying to link a root mount point.  This cannot work in practice because
this directory is mounted, but the VFS check is done after the call to
security_path_link().

Do not use source directory's d_parent when the source directory is the
mount point.

[mic: Fix commit message]
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.19 < 6.1.95
LinuxLinux Kernel Version >= 6.2 < 6.6.35
LinuxLinux Kernel Version >= 6.7 < 6.9.6
LinuxLinux Kernel Version6.10 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.159
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/88da52ccd66e65f2e63a6c35c9dff55d448ef4dc
Patch
https://git.kernel.org/stable/c/b6e5e696435832b33e40775f060ef5c95f4fda1f
Patch
https://git.kernel.org/stable/c/c7618c7b0b8c45bcef34410cc1d1e953eb17f8f6
Patch
https://git.kernel.org/stable/c/cc30d05b34f9a087a6928d09b131f7b491e9ab11
Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html