Early Initialization of Struct nfsd4_copy to Prevent Refcount Underflow
CVE-2024-50241

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 November 2024

What is CVE-2024-50241?

In the Linux kernel, the following vulnerability has been resolved:

NFSD: Initialize struct nfsd4_copy earlier

Ensure the refcount and async_copies fields are initialized early. cleanup_async_copy() will reference these fields if an error occurs in nfsd4_copy(). If they are not correctly initialized, at the very least, a refcount underflow occurs.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 9e52ff544e0bfa09ee339fd7b0937ee3c080c24e < 059434d23c4578d9d02efb92d848ea21bc640112

Linux 43e46ee5efc03990b223f7aa8b77aa9c3d3acfdf < 7267625baf365a969f1b25ded6f07b64bc90ec5b

Linux 7ea9260874b779637aff6d24c344b8ef4ac862a0

References

https://git.kernel.org/stable/c/059434d23c4578d9d02efb92d...

https://git.kernel.org/stable/c/7267625baf365a969f1b25ded...

https://git.kernel.org/stable/c/c3074003fa6837c2b89a34d8d...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 9, 2024
Vulnerability Reserved
Oct 21, 2024

JSON

Linux

What is CVE-2024-50241?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.