CVE-2024-53217NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference93 documents8 sources
Severity
5.5MEDIUMNVD
OSV8.8OSV7.8
EPSS
0.0%
top 99.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
LinuxLinux KernelDebian Linux+3 more
Timeline
PublishedDec 27
Latest updateFeb 24

Description

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4_process_cb_update() @ses is initialized to NULL. If __nfsd4_find_backchannel() finds no available backchannel session, setup_callback_client() will try to dereference @ses and segfault.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages8 packages

NVDlinux/linux_kernel2.6.384.19.325+7
Debianlinux/linux_kernel< 5.10.234-1+3
Ubuntulinux/linux_kernel< 5.4.0-211.231+6
CVEListV5linux/linuxdcbeaa68dbbdacbbb330a86c7fc95a28473fc209d9a0d1f6e15859ea7a86a327f28491e23deaaa62+9
debiandebian/linux< linux 6.1.123-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

45
OSV
linux vulnerabilities2026-02-24
OSV
linux-azure-fips vulnerabilities2025-12-16
OSV
linux-fips vulnerabilities2025-12-15
OSV
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities2025-12-15
OSV
linux-azure, linux-azure-4.15, linux-oracle, vulnerabilities2025-12-12

📋Vendor Advisories

47
Ubuntu
Linux kernel vulnerabilities2026-02-24
Ubuntu
Kernel Live Patch Security Notice2026-01-29
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities2025-12-16
Ubuntu
Linux kernel vulnerabilities2025-12-15
Ubuntu
Linux kernel (FIPS) vulnerabilities2025-12-15