Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix NULL pointer dereference in gfs2_log_flush In gfs2_jindex_free(), set sdp->sd_jdesc to NULL under the log flush lock to provide exclusion against gfs2_log_flush(). In gfs2_log_flush(), check if sdp->sd_jdesc is non-NULL before dereferencing it. Otherwise, we could run into a NULL pointer dereference when outstanding glock work races with an unmount (glock_work_func -> run_queue -> do_xmote -> inode_go_sync -> gfs2_log_flush).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | < 6.6.37 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/3429ef5f50909cee9e498c50f0c499b9397116cePatch
- https://git.kernel.org/stable/c/35264909e9d1973ab9aaa2a1b07cda70f12bb828Patch
- https://git.kernel.org/stable/c/5f6a84cfb33b34610623857bd93919dcb661e29bPatch
- https://git.kernel.org/stable/c/c3c5cfa3170c0940bc66a142859caac07d19b9d6Patch
- https://git.kernel.org/stable/c/f54f9d5368a4e92ede7dd078a62788dae3a7c6efPatch
- https://git.kernel.org/stable/c/3429ef5f50909cee9e498c50f0c499b9397116cePatch
- https://git.kernel.org/stable/c/35264909e9d1973ab9aaa2a1b07cda70f12bb828Patch
- https://git.kernel.org/stable/c/f54f9d5368a4e92ede7dd078a62788dae3a7c6efPatch
FAQ
What is CVE-2024-42079?
CVE-2024-42079 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix NULL pointer dereference in gfs2_log_flush In gfs2_jindex_free(), set sdp->sd_jdesc to NULL under the log flush lock to ...
How severe is CVE-2024-42079?
CVE-2024-42079 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-42079?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.