5.5

CVE-2024-49877

ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate

In the Linux kernel, the following vulnerability has been resolved:

ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate

When doing cleanup, if flags without OCFS2_BH_READAHEAD, it may trigger
NULL pointer dereference in the following ocfs2_set_buffer_uptodate() if
bh is NULL.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.20 < 5.10.227
LinuxLinux Kernel Version >= 5.11 < 5.15.168
LinuxLinux Kernel Version >= 5.16 < 6.1.113
LinuxLinux Kernel Version >= 6.2 < 6.6.55
LinuxLinux Kernel Version >= 6.7 < 6.10.14
LinuxLinux Kernel Version >= 6.11 < 6.11.3
LinuxLinux Kernel Version4.4.204
LinuxLinux Kernel Version4.9.204
LinuxLinux Kernel Version4.14.157
LinuxLinux Kernel Version4.19.87
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.159
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/01cb2e751cc61ade454c9bc1aaa2eac1f8197112
Patch
https://git.kernel.org/stable/c/190d98bcd61117a78fe185222d162180f061a6ca
https://git.kernel.org/stable/c/33b525cef4cff49e216e4133cc48452e11c0391e
Patch
https://git.kernel.org/stable/c/46b1edf0536a5291a8ad2337f88c926214b209d9
Patch
https://git.kernel.org/stable/c/4846e72ab5a0726e49ad4188b9d9df091ae78c64
Patch
https://git.kernel.org/stable/c/61b84013e560382cbe7dd56758be3154d43a3988
Patch
https://git.kernel.org/stable/c/d52c5652e7dcb7a0648bbb8642cc3e617070ab49
Patch
https://git.kernel.org/stable/c/df944dc46d06af65a75191183d52be017e6b9dbe
Patch
https://git.kernel.org/stable/c/e68c8323355e8cedfbe0bec7d5a39009f61640b6
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html