VDB

CISA-2024-43826

CISA-2024-43826 PUBLISHED

Reported by Linux · Published August 17, 2024

In the Linux kernel, the following vulnerability has been resolved: nfs: pass explicit offset/count to trace events nfs_folio_length is unsafe to use without having the folio locked and a check for a NULL ->f_mapping that protects against truncations and can lead to kernel crashes. E.g. when running xfstests generic/065 with all nfs trace points enabled. Follow the model of the XFS trace points and pass in an explіcit offset and length. This has the additional benefit that these values can be more accurate as some of the users touch partial folio ranges.

Affected Products

VendorProductVersions
LinuxLinuxeb5654b3b89d5e836312cea9f3fdb49457852e89, eb5654b3b89d5e836312cea9f3fdb49457852e89
LinuxLinux6.3, 0, 6.10.3
LinuxLinux6.6.130, 0, 6.10.3
linuxlinux_kernel6.3, 6.3, 6.3

Timeline

  • Aug 17, 2024 CVE Published
  • May 4, 2025 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›