CVE-2024-42079

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jul 29, 2024
Updated: Jul 30, 2024
CWE ID 476

Summary

CVE-2024-42079 is a vulnerability affecting the Linux kernel that has been addressed. In the gfs2 file system, a NULL pointer dereference occurred in the gfs2_log_flush function due to an uninitialized pointer in gfs2_jindex_free. This issue could lead to a race condition where gfs2_log_flush tried to access the pointer while it was still NULL, resulting in a NULL pointer dereference. This vulnerability could potentially be exploited during an unmount operation, posing a potential security risk. The issue has been resolved by ensuring that sdp->sd_jdesc is set to NULL before gfs2_log_flush accesses it.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share