cve-2024-49999
Vulnerability from cvelistv5
Published
2024-10-21 18:02
Modified
2025-05-04 09:43
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: afs: Fix the setting of the server responding flag In afs_wait_for_operation(), we set transcribe the call responded flag to the server record that we used after doing the fileserver iteration loop - but it's possible to exit the loop having had a response from the server that we've discarded (e.g. it returned an abort or we started receiving data, but the call didn't complete). This means that op->server might be NULL, but we don't check that before attempting to set the server flag.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/3d51ab44123f35dd1d646d99a15ebef10f55e263Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/97c953572d98080c5f1486155350bb688041747aPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ff98751bae40faed1ba9c6a7287e84430f7dec64Patch
Impacted products
Vendor Product Version
Linux Linux Version: 98f9fda2057ba34b720c4d353351024d6dcee90f
Version: 98f9fda2057ba34b720c4d353351024d6dcee90f
Version: 98f9fda2057ba34b720c4d353351024d6dcee90f
 Create a notification for this product.
   Linux Linux Version: 6.8
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-49999",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-22T13:30:13.693852Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-22T13:38:41.400Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Linux",
               programFiles: [
                  "fs/afs/fs_operation.c",
               ],
               repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
               vendor: "Linux",
               versions: [
                  {
                     lessThan: "3d51ab44123f35dd1d646d99a15ebef10f55e263",
                     status: "affected",
                     version: "98f9fda2057ba34b720c4d353351024d6dcee90f",
                     versionType: "git",
                  },
                  {
                     lessThan: "97c953572d98080c5f1486155350bb688041747a",
                     status: "affected",
                     version: "98f9fda2057ba34b720c4d353351024d6dcee90f",
                     versionType: "git",
                  },
                  {
                     lessThan: "ff98751bae40faed1ba9c6a7287e84430f7dec64",
                     status: "affected",
                     version: "98f9fda2057ba34b720c4d353351024d6dcee90f",
                     versionType: "git",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "Linux",
               programFiles: [
                  "fs/afs/fs_operation.c",
               ],
               repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
               vendor: "Linux",
               versions: [
                  {
                     status: "affected",
                     version: "6.8",
                  },
                  {
                     lessThan: "6.8",
                     status: "unaffected",
                     version: "0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.10.*",
                     status: "unaffected",
                     version: "6.10.14",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.11.*",
                     status: "unaffected",
                     version: "6.11.3",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "*",
                     status: "unaffected",
                     version: "6.12",
                     versionType: "original_commit_for_fix",
                  },
               ],
            },
         ],
         cpeApplicability: [
            {
               nodes: [
                  {
                     cpeMatch: [
                        {
                           criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                           versionEndExcluding: "6.10.14",
                           versionStartIncluding: "6.8",
                           vulnerable: true,
                        },
                        {
                           criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                           versionEndExcluding: "6.11.3",
                           versionStartIncluding: "6.8",
                           vulnerable: true,
                        },
                        {
                           criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                           versionEndExcluding: "6.12",
                           versionStartIncluding: "6.8",
                           vulnerable: true,
                        },
                     ],
                     negate: false,
                     operator: "OR",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel, the following vulnerability has been resolved:\n\nafs: Fix the setting of the server responding flag\n\nIn afs_wait_for_operation(), we set transcribe the call responded flag to\nthe server record that we used after doing the fileserver iteration loop -\nbut it's possible to exit the loop having had a response from the server\nthat we've discarded (e.g. it returned an abort or we started receiving\ndata, but the call didn't complete).\n\nThis means that op->server might be NULL, but we don't check that before\nattempting to set the server flag.",
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-05-04T09:43:27.031Z",
            orgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            shortName: "Linux",
         },
         references: [
            {
               url: "https://git.kernel.org/stable/c/3d51ab44123f35dd1d646d99a15ebef10f55e263",
            },
            {
               url: "https://git.kernel.org/stable/c/97c953572d98080c5f1486155350bb688041747a",
            },
            {
               url: "https://git.kernel.org/stable/c/ff98751bae40faed1ba9c6a7287e84430f7dec64",
            },
         ],
         title: "afs: Fix the setting of the server responding flag",
         x_generator: {
            engine: "bippy-1.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      assignerShortName: "Linux",
      cveId: "CVE-2024-49999",
      datePublished: "2024-10-21T18:02:38.958Z",
      dateReserved: "2024-10-21T12:17:06.057Z",
      dateUpdated: "2025-05-04T09:43:27.031Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2024-49999\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-10-21T18:15:19.973\",\"lastModified\":\"2024-10-29T18:03:40.857\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nafs: Fix the setting of the server responding flag\\n\\nIn afs_wait_for_operation(), we set transcribe the call responded flag to\\nthe server record that we used after doing the fileserver iteration loop -\\nbut it's possible to exit the loop having had a response from the server\\nthat we've discarded (e.g. it returned an abort or we started receiving\\ndata, but the call didn't complete).\\n\\nThis means that op->server might be NULL, but we don't check that before\\nattempting to set the server flag.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: afs: Arreglar la configuración del indicador de respuesta del servidor En afs_wait_for_operation(), configuramos la transcripción del indicador de respuesta de llamada en el registro del servidor que usamos después de realizar el bucle de iteración del servidor de archivos, pero es posible salir del bucle después de haber recibido una respuesta del servidor que descartamos (por ejemplo, devolvió un aborto o comenzamos a recibir datos, pero la llamada no se completó). Esto significa que op->server podría ser NULL, pero no lo verificamos antes de intentar configurar el indicador del servidor.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.8\",\"versionEndExcluding\":\"6.10.14\",\"matchCriteriaId\":\"0E3AE738-A62B-4806-9D9C-933998214C6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.11\",\"versionEndExcluding\":\"6.11.3\",\"matchCriteriaId\":\"54D9C704-D679-41A7-9C40-10A6B1E7FFE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F361E1D-580F-4A2D-A509-7615F73167A1\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/3d51ab44123f35dd1d646d99a15ebef10f55e263\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/97c953572d98080c5f1486155350bb688041747a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ff98751bae40faed1ba9c6a7287e84430f7dec64\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}",
      vulnrichment: {
         containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-49999\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-22T13:30:13.693852Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-22T13:30:16.844Z\"}}], \"cna\": {\"title\": \"afs: Fix the setting of the server responding flag\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"98f9fda2057b\", \"lessThan\": \"3d51ab44123f\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"98f9fda2057b\", \"lessThan\": \"97c953572d98\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"98f9fda2057b\", \"lessThan\": \"ff98751bae40\", \"versionType\": \"git\"}], \"programFiles\": [\"fs/afs/fs_operation.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.8\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.10.14\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.10.*\"}, {\"status\": \"unaffected\", \"version\": \"6.11.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.11.*\"}, {\"status\": \"unaffected\", \"version\": \"6.12-rc2\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"fs/afs/fs_operation.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/3d51ab44123f35dd1d646d99a15ebef10f55e263\"}, {\"url\": \"https://git.kernel.org/stable/c/97c953572d98080c5f1486155350bb688041747a\"}, {\"url\": \"https://git.kernel.org/stable/c/ff98751bae40faed1ba9c6a7287e84430f7dec64\"}], \"x_generator\": {\"engine\": \"bippy-9e1c9544281a\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nafs: Fix the setting of the server responding flag\\n\\nIn afs_wait_for_operation(), we set transcribe the call responded flag to\\nthe server record that we used after doing the fileserver iteration loop -\\nbut it's possible to exit the loop having had a response from the server\\nthat we've discarded (e.g. it returned an abort or we started receiving\\ndata, but the call didn't complete).\\n\\nThis means that op->server might be NULL, but we don't check that before\\nattempting to set the server flag.\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2024-11-05T09:53:13.179Z\"}}}",
         cveMetadata: "{\"cveId\": \"CVE-2024-49999\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-05T09:53:13.179Z\", \"dateReserved\": \"2024-10-21T12:17:06.057Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-10-21T18:02:38.958Z\", \"assignerShortName\": \"Linux\"}",
         dataType: "CVE_RECORD",
         dataVersion: "5.1",
      },
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.