{"vulnerability": "CVE-2024-44939", "sightings": [{"uuid": "8b08c11d-38c8-4470-82c4-1378adbe3a5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-44939", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "f0ba9473-f852-4904-a0df-9d45bb654664", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44939", "type": "seen", "source": "https://t.me/cvedetector/4134", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44939 - Linux Kernel JFS Null Pointer Dereference\", \n  \"Content\": \"CVE ID : CVE-2024-44939 \nPublished : Aug. 26, 2024, 12:15 p.m. | 42\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \njfs: fix null ptr deref in dtInsertEntry  \n  \n[syzbot reported]  \ngeneral protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI  \nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]  \nCPU: 0 PID: 5061 Comm: syz-executor404 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0  \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024  \nRIP: 0010:dtInsertEntry+0xd0c/0x1780 fs/jfs/jfs_dtree.c:3713  \n...  \n[Analyze]  \nIn dtInsertEntry(), when the pointer h has the same value as p, after writing  \nname in UniStrncpy_to_le(), p->header.flag will be cleared. This will cause the  \npreviously true judgment \"p->header.flag & BT-LEAF\" to change to no after writing  \nthe name operation, this leads to entering an incorrect branch and accessing the  \nuninitialized object ih when judging this condition for the second time.  \n  \n[Fix]  \nAfter got the page, check freelist first, if freelist == 0 then exit dtInsert()  \nand return -EINVAL. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T15:23:52.000000Z"}]}