CVE-2024-49877 — NULL Pointer Dereference in Linux
Severity
5.5MEDIUMNVD
OSV8.8OSV6.7OSV6.3OSV4.7
EPSS
0.0%
top 98.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 21
Latest updateAug 14
Description
In the Linux kernel, the following vulnerability has been resolved:
ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate
When doing cleanup, if flags without OCFS2_BH_READAHEAD, it may trigger
NULL pointer dereference in the following ocfs2_set_buffer_uptodate() if
bh is NULL.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6