5.5
CVE-2024-50241
- EPSS 0.21%
- Veröffentlicht 09.11.2024 11:15:09
- Zuletzt bearbeitet 14.12.2024 21:15:33
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
NFSD: Initialize struct nfsd4_copy earlier
In the Linux kernel, the following vulnerability has been resolved: NFSD: Initialize struct nfsd4_copy earlier Ensure the refcount and async_copies fields are initialized early. cleanup_async_copy() will reference these fields if an error occurs in nfsd4_copy(). If they are not correctly initialized, at the very least, a refcount underflow occurs.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.10.14 < 6.11.7
Linux ≫ Linux Kernel Version6.12 Updaterc1
Linux ≫ Linux Kernel Version6.12 Updaterc2
Linux ≫ Linux Kernel Version6.12 Updaterc3
Linux ≫ Linux Kernel Version6.12 Updaterc4
Linux ≫ Linux Kernel Version6.12 Updaterc5
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.108 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-908 Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.
https://git.kernel.org/stable/c/059434d23c4578d9d02efb92d848ea21bc640112
https://git.kernel.org/stable/c/421f1a2a1afb47d88de09457ef7687e1df7bc997
https://git.kernel.org/stable/c/63fab04cbd0f96191b6e5beedc3b643b01c15889
https://git.kernel.org/stable/c/7267625baf365a969f1b25ded6f07b64bc90ec5b
https://git.kernel.org/stable/c/c3074003fa6837c2b89a34d8d12d9463b59d22d6
https://git.kernel.org/stable/c/e30a9a2f69c34a00a3cb4fd45c5d231929e66fb1