CVE-2024-50277

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Published Nov 19, 2024
Updated: Nov 27, 2024
CWE ID 476

Summary

CVE-2024-50277 is a recently identified vulnerability affecting the Linux kernel. When the function blk_alloc_disk fails, a subsequent attempt is made by the cleanup_mapped_device function to access the md->disk variable, which has been set to an error value. This results in a crash when the line "md->disk->private_data = NULL;" is executed. The Linux community has released a patch to resolve this issue and prevent potential crashes.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share