CVE-2024-49957 — NULL Pointer Dereference in Linux
Severity
5.5MEDIUMNVD
OSV8.8OSV6.7OSV6.3OSV4.7
EPSS
0.0%
top 99.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 21
Latest updateAug 14
Description
In the Linux kernel, the following vulnerability has been resolved:
ocfs2: fix null-ptr-deref when journal load failed.
During the mounting process, if journal_reset() fails because of too short
journal, then lead to jbd2_journal_load() fails with NULL j_sb_buffer.
Subsequently, ocfs2_journal_shutdown() calls
jbd2_journal_flush()->jbd2_cleanup_journal_tail()->
__jbd2_update_log_tail()->jbd2_journal_update_sb_log_tail()
->lock_buffer(journal->j_sb_buffer), resulting in a null-pointer
dereferenc…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6