CVE-2024-42079
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2024-42079 is a vulnerability affecting the Linux kernel that has been addressed. In the gfs2 file system, a NULL pointer dereference occurred in the gfs2_log_flush function due to an uninitialized pointer in gfs2_jindex_free. This issue could lead to a race condition where gfs2_log_flush tried to access the pointer while it was still NULL, resulting in a NULL pointer dereference. This vulnerability could potentially be exploited during an unmount operation, posing a potential security risk. The issue has been resolved by ensuring that sdp->sd_jdesc is set to NULL before gfs2_log_flush accesses it.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.