VDB

CISA-2024-40938

CISA-2024-40938 PUBLISHED

Reported by Linux · Published July 12, 2024

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix d_parent walk The WARN_ON_ONCE() in collect_domain_accesses() can be triggered when trying to link a root mount point. This cannot work in practice because this directory is mounted, but the VFS check is done after the call to security_path_link(). Do not use source directory's d_parent when the source directory is the mount point. [mic: Fix commit message]

Affected Products

VendorProductVersions
LinuxLinuxb91c3e4ea756b12b7d992529226edce1cfd854d7, b91c3e4ea756b12b7d992529226edce1cfd854d7, b91c3e4ea756b12b7d992529226edce1cfd854d7
LinuxLinux5.19, 0, 6.1.95
linuxlinux_kernel5.19, 5.19, 5.19
LinuxLinux*, b91c3e4ea756b12b7d992529226edce1cfd854d7, b91c3e4ea756b12b7d992529226edce1cfd854d7

Timeline

  • Jul 12, 2024 CVE Published
  • Nov 3, 2025 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›