5.5

CVE-2024-50241

NFSD: Initialize struct nfsd4_copy earlier

In the Linux kernel, the following vulnerability has been resolved:

NFSD: Initialize struct nfsd4_copy earlier

Ensure the refcount and async_copies fields are initialized early.
cleanup_async_copy() will reference these fields if an error occurs
in nfsd4_copy(). If they are not correctly initialized, at the very
least, a refcount underflow occurs.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.10.14 < 6.11.7
LinuxLinux Kernel Version6.12 Updaterc1
LinuxLinux Kernel Version6.12 Updaterc2
LinuxLinux Kernel Version6.12 Updaterc3
LinuxLinux Kernel Version6.12 Updaterc4
LinuxLinux Kernel Version6.12 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.21% 0.108
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

https://git.kernel.org/stable/c/059434d23c4578d9d02efb92d848ea21bc640112
https://git.kernel.org/stable/c/421f1a2a1afb47d88de09457ef7687e1df7bc997
https://git.kernel.org/stable/c/63fab04cbd0f96191b6e5beedc3b643b01c15889
Patch
Mailing List
https://git.kernel.org/stable/c/7267625baf365a969f1b25ded6f07b64bc90ec5b
https://git.kernel.org/stable/c/c3074003fa6837c2b89a34d8d12d9463b59d22d6
https://git.kernel.org/stable/c/e30a9a2f69c34a00a3cb4fd45c5d231929e66fb1
Patch
Mailing List