CVE-2024-26632

block: Fix iterating over an empty bio with bio_for_each_folio_all

Severity Score

4.4

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: block: Fix iterating over an empty bio with bio_for_each_folio_all If the bio contains no data, bio_first_folio() calls page_folio() on a
NULL pointer and oopses. Move the test that we've reached the end of
the bio from bio_next_folio() to bio_first_folio(). [axboe: add unlikely() to error case]

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: bloque: corrige la iteración sobre una biografía vacía con bio_for_each_folio_all Si la biografía no contiene datos, bio_first_folio() llama a page_folio() en un puntero NULL y ¡vaya! Mueve la prueba de que hemos llegado al final de la biografía de bio_next_folio() a bio_first_folio(). [axboe: agregue improbable() al caso de error]

In the Linux kernel, the following vulnerability has been resolved: block: Fix iterating over an empty bio with bio_for_each_folio_all If the bio contains no data, bio_first_folio() calls page_folio() on a NULL pointer and oopses. Move the test that we've reached the end of the bio from bio_next_folio() to bio_first_folio(). [axboe: add unlikely() to error case]

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Multiple

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-19 CVE Reserved
2024-03-18 CVE Published
2025-04-26 EPSS Updated
2025-05-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/640d1930bef4f87ec8d8d2b05f0f6edc1dfcf662	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/c6350b5cb78e9024c49eaee6fdb914ad2903a5fe	2024-01-25
https://git.kernel.org/stable/c/a6bd8182137a12d22d3f2cee463271bdcb491659	2024-01-25
https://git.kernel.org/stable/c/ca3ede3f5893e2d26d4dbdef1eec28a8487fafde	2024-01-25
https://git.kernel.org/stable/c/7bed6f3d08b7af27b7015da8dc3acf2b9c1f21d7	2024-01-16

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.17 < 6.1.75 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.17 < 6.1.75"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.17 < 6.6.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.17 < 6.6.14"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.17 < 6.7.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.17 < 6.7.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.17 < 6.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.17 < 6.8"		en		Affected