← Back

CVE-2024-50241

nvd nist
Published: Nov 9, 2024Modified: Dec 14, 2024

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: NFSD: Initialize struct nfsd4_copy earlier Ensure the refcount and async_copies fields are initialized early. cleanup_async_copy() will reference these fields if an error occurs in nfsd4_copy(). If they are not correctly initialized, at the very least, a refcount underflow occurs.

Affected (6)

Products: Linux: Linux Kernel
Linux
1 product
Linux Kernel
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
From 6.10.14 to 6.11.7
Linux Kernel
Version 6.12 rc1
Linux Kernel
Version 6.12 rc2
Linux Kernel
Version 6.12 rc3
Linux Kernel
Version 6.12 rc4
Linux Kernel
Version 6.12 rc5

Related CWEs

CWE-908
Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.

References (6)

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Mailing ListPatch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Mailing ListPatch

Timeline

No history available yet.