CVE-2024-50179Resource Injection in Linux

CWE-99Resource Injection88 documents8 sources
Severity
5.5MEDIUMNVD
OSV8.8OSV6.7OSV6.3OSV4.7
EPSS
0.0%
top 99.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
LinuxLinux KernelDebian Linux+5 more
Timeline
PublishedNov 8
Latest updateDec 16

Description

In the Linux kernel, the following vulnerability has been resolved: ceph: remove the incorrect Fw reference check when dirtying pages When doing the direct-io reads it will also try to mark pages dirty, but for the read path it won't hold the Fw caps and there is case will it get the Fw reference.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages10 packages

NVDlinux/linux_kernel4.24.19.323+7
Debianlinux/linux_kernel< 5.10.234-1+3
Ubuntulinux/linux_kernel< 5.4.0-208.228+5
CVEListV5linux/linux5dda377cf0a6bd43f64a3c1efb670d7c668e7b29c26c5ec832dd9e9dcd0a0a892a485c99889b68f0+9
debiandebian/linux< linux 6.1.115-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

43
OSV
linux-azure-fips vulnerabilities2025-12-16
OSV
linux-fips vulnerabilities2025-12-15
OSV
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities2025-12-15
OSV
linux-azure, linux-azure-4.15, linux-oracle, vulnerabilities2025-12-12
OSV
linux-gcp, linux-gcp-4.15, linux-hwe vulnerabilities2025-12-04

📋Vendor Advisories

44
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities2025-12-16
Ubuntu
Linux kernel vulnerabilities2025-12-15
Ubuntu
Linux kernel (FIPS) vulnerabilities2025-12-15
Ubuntu
Linux kernel kernel vulnerabilities2025-12-12
Ubuntu
Linux kernel vulnerabilities2025-12-04
CVE-2024-50179 — Resource Injection in Linux | cvebase