CVE-2024-50109
md/raid10: fix null ptr dereference in raid10_size()
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
md/raid10: fix null ptr dereference in raid10_size()
In raid10_run() if raid10_set_queue_limits() succeed, the return value
is set to zero, and if following procedures failed raid10_run() will
return zero while mddev->private is still NULL, causing null ptr
dereference in raid10_size().
Fix the problem by only overwrite the return value if
raid10_set_queue_limits() failed.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: md/raid10: se corrige la desreferencia ptr nulo en raid10_size() En raid10_run(), si raid10_set_queue_limits() tiene éxito, el valor de retorno se establece en cero y, si fallan los siguientes procedimientos, raid10_run() devolverá cero mientras que mddev->private sigue siendo NULL, lo que provoca una desreferencia ptr nula en raid10_size(). Solucione el problema sobrescribiendo solo el valor de retorno si raid10_set_queue_limits() falla.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2024-10-21 CVE Reserved
- 2024-11-05 CVE Published
- 2024-11-06 EPSS Updated
- 2024-11-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/3d8466ba68d444f5528dcbff106e8bf5c7d51aa0 | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://git.kernel.org/stable/c/b3054db2fd2d35f2eb3b4b5fb1407792f465391c | 2024-11-01 | |
https://git.kernel.org/stable/c/825711e00117fc686ab89ac36a9a7b252dc349c6 | 2024-10-17 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.9 < 6.11.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.9 < 6.11.6" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.9 < 6.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.9 < 6.12" | en |
Affected
|