CVE-2024-0841

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 28, 2024
Updated: Jun 25, 2024
CWE ID 476

Summary

CVE-2024-0841 is a null pointer dereference vulnerability identified in the Linux kernel's hugetlbfs (HugeTLB pages) functionality. The hugetlbfs_fill_super function contains this flaw, which may lead to a local user causing a system crash or potentially elevating their privileges. By manipulating the null pointer, an attacker could exploit this vulnerability, resulting in unintended behavior and potential security risks. This issue highlights the importance of regular kernel updates to mitigate such vulnerabilities.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share