CVE-2024-50277
CVSS 3.1 Score 4.7 of 10 (medium)
Details
Published Nov 19, 2024
Updated: Nov 27, 2024
CWE ID 476
Summary
CVE-2024-50277 is a recently identified vulnerability affecting the Linux kernel. When the function blk_alloc_disk fails, a subsequent attempt is made by the cleanup_mapped_device function to access the md->disk variable, which has been set to an error value. This results in a crash when the line "md->disk->private_data = NULL;" is executed. The Linux community has released a patch to resolve this issue and prevent potential crashes.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Linux Kernel
Affected Vendors
- LINUX