CVE-2024-26880 — NULL Pointer Dereference in Linux
Severity
5.5MEDIUMNVD
OSV7.0OSV6.5
EPSS
0.0%
top 87.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 17
Latest updateOct 17
Description
In the Linux kernel, the following vulnerability has been resolved:
dm: call the resume method on internal suspend
There is this reported crash when experimenting with the lvm2 testsuite.
The list corruption is caused by the fact that the postsuspend and resume
methods were not paired correctly; there were two consecutive calls to the
origin_postsuspend function. The second call attempts to remove the
"hash_list" entry from a list, while it was already removed by the first
call.
Fix __dm_inte…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages5 packages
▶CVEListV5linux/linuxffcc39364160663cda1a3c358f4537302a92459b — 69836d9329f0b4c58faaf3d886a7748ddb5bf718+9
Also affects: Debian Linux 10.0
Patches
🔴Vulnerability Details
25OSV▶
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities↗2024-09-23