fkie_cve-2024-49957
Vulnerability from fkie_nvd
Published
2024-10-21 18:15
Modified
2024-11-08 16:15
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix null-ptr-deref when journal load failed. During the mounting process, if journal_reset() fails because of too short journal, then lead to jbd2_journal_load() fails with NULL j_sb_buffer. Subsequently, ocfs2_journal_shutdown() calls jbd2_journal_flush()->jbd2_cleanup_journal_tail()-> __jbd2_update_log_tail()->jbd2_journal_update_sb_log_tail() ->lock_buffer(journal->j_sb_buffer), resulting in a null-pointer dereference error. To resolve this issue, we should check the JBD2_LOADED flag to ensure the journal was properly loaded. Additionally, use journal instead of osb->journal directly to simplify the code.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/387bf565cc03e2e8c720b8b4798efea4aacb6962Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5784d9fcfd43bd853654bb80c87ef293b9e8e80aPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/703b2c7e0798d263154dc8593dc2345f75dc077f
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/82dfdd1e31e774578f76ce6dc90c834f96403a0fPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/86a89e75e9e4dfa768b97db466ad6bedf2e7ea5bPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/bf605ae98dab5c15c5b631d4d7f88898cb41b649Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/f60e94a83db799bde625ac8671a5b4a6354e7120Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/fd89d92c1140cee8f59de336cb37fa65e359c123
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ff55291fb36779819211b596da703389135f5b05Patch
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF903132-A3AF-4A91-AFA9-3C8A9C378FAE",
              "versionEndExcluding": "5.10.227",
              "versionStartIncluding": "2.6.32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C",
              "versionEndExcluding": "5.15.168",
              "versionStartIncluding": "5.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE",
              "versionEndExcluding": "6.1.113",
              "versionStartIncluding": "5.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0",
              "versionEndExcluding": "6.6.55",
              "versionStartIncluding": "6.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021",
              "versionEndExcluding": "6.10.14",
              "versionStartIncluding": "6.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9",
              "versionEndExcluding": "6.11.3",
              "versionStartIncluding": "6.11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix null-ptr-deref when journal load failed.\n\nDuring the mounting process, if journal_reset() fails because of too short\njournal, then lead to jbd2_journal_load() fails with NULL j_sb_buffer. \nSubsequently, ocfs2_journal_shutdown() calls\njbd2_journal_flush()-\u003ejbd2_cleanup_journal_tail()-\u003e\n__jbd2_update_log_tail()-\u003ejbd2_journal_update_sb_log_tail()\n-\u003elock_buffer(journal-\u003ej_sb_buffer), resulting in a null-pointer\ndereference error.\n\nTo resolve this issue, we should check the JBD2_LOADED flag to ensure the\njournal was properly loaded.  Additionally, use journal instead of\nosb-\u003ejournal directly to simplify the code."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ocfs2: se corrige el error null-ptr-deref cuando falla la carga del diario. Durante el proceso de montaje, si journal_reset() falla debido a que el diario es demasiado corto, entonces provoca que jbd2_journal_load() falle con j_sb_buffer NULL. Posteriormente, ocfs2_journal_shutdown() llama a jbd2_journal_flush()-\u0026gt;jbd2_cleanup_journal_tail()-\u0026gt; __jbd2_update_log_tail()-\u0026gt;jbd2_journal_update_sb_log_tail() -\u0026gt;lock_buffer(journal-\u0026gt;j_sb_buffer), lo que da como resultado un error de desreferencia de puntero nulo. Para resolver este problema, debemos verificar el indicador JBD2_LOADED para asegurarnos de que el diario se carg\u00f3 correctamente. Adem\u00e1s, use journal en lugar de osb-\u0026gt;journal directamente para simplificar el c\u00f3digo."
    }
  ],
  "id": "CVE-2024-49957",
  "lastModified": "2024-11-08T16:15:33.963",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-21T18:15:16.950",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/387bf565cc03e2e8c720b8b4798efea4aacb6962"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/5784d9fcfd43bd853654bb80c87ef293b9e8e80a"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/703b2c7e0798d263154dc8593dc2345f75dc077f"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/82dfdd1e31e774578f76ce6dc90c834f96403a0f"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/86a89e75e9e4dfa768b97db466ad6bedf2e7ea5b"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/bf605ae98dab5c15c5b631d4d7f88898cb41b649"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/f60e94a83db799bde625ac8671a5b4a6354e7120"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/fd89d92c1140cee8f59de336cb37fa65e359c123"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ff55291fb36779819211b596da703389135f5b05"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.