CVE-2024-47737

nfsd: call cache_put if xdr_reserve_space returns NULL

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: nfsd: call cache_put if xdr_reserve_space returns NULL If not enough buffer space available, but idmap_lookup has triggered
lookup_fn which calls cache_get and returns successfully. Then we
missed to call cache_put here which pairs with cache_get. Reviwed-by: Jeff Layton <jlayton@kernel.org>

In the Linux kernel, the following vulnerability has been resolved: nfsd: call cache_put if xdr_reserve_space returns NULL If not enough buffer space available, but idmap_lookup has triggered lookup_fn which calls cache_get and returns successfully. Then we missed to call cache_put here which pairs with cache_get. Reviwed-by: Jeff Layton <jlayton@kernel.org>

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-09-30 CVE Reserved
2024-10-21 CVE Published
2024-12-19 CVE Updated
2025-03-31 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (10)

URL	Tag	Source
https://git.kernel.org/stable/c/ddd1ea56367202f6c99135cd59de7a97af4c4ffd	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/3e8081ebff12bec1347deaceb6bce0765cce54df	2024-11-08
https://git.kernel.org/stable/c/c6b16e700cf4d959af524bd9d3978407ff7ce462	2024-11-08
https://git.kernel.org/stable/c/9f03f0016ff797932551881c7e06ae50e9c39134	2024-10-17
https://git.kernel.org/stable/c/9803ab882d565a8fb2dde5999d98866d1c499dfd	2024-10-17
https://git.kernel.org/stable/c/81821617312988096f5deccf0f7da6f888e98056	2024-10-17
https://git.kernel.org/stable/c/a1afbbb5276f943ad7173d0b4c626b8c75a260da	2024-10-04
https://git.kernel.org/stable/c/e32ee6a61041925d1a05c14d10352dcfce9ef029	2024-10-04
https://git.kernel.org/stable/c/8d0765f86135e27f0bb5c950c136495719b4c834	2024-10-04
https://git.kernel.org/stable/c/d078cbf5c38de83bc31f83c47dcd2184c04a50c7	2024-09-20

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.16 < 4.19.323 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 4.19.323"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.16 < 5.4.285 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 5.4.285"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.16 < 5.10.227 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 5.10.227"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.16 < 5.15.168 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 5.15.168"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.16 < 6.1.113 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 6.1.113"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.16 < 6.6.54 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 6.6.54"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.16 < 6.10.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 6.10.13"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.16 < 6.11.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 6.11.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.16 < 6.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 6.12"		en		Affected