Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-26878HistoryApr 17, 2024 - 11:15 a.m.
CVE-2024-26878
2024-04-1711:15:09
Debian Security Bug Tracker
security-tracker.debian.org
8
cve-2024-26878
quota
null pointer
dereference
unix
In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference Below race may cause NULL pointer dereference P1 P2 dquot_free_inode quota_off drop_dquot_ref remove_dquot_ref dquots = i_dquot(inode) dquots = i_dquot(inode) srcu_read_lock dquots[cnt]) != NULL (1) dquots[type] = NULL (2) spin_lock(&dquots[cnt]->dq_dqb_lock) (3) … If dquot_free_inode(or other routines) checks inode’s quota pointers (1) before quota_off sets it to NULL(2) and use it (3) after that, NULL pointer dereference will be triggered. So let’s fix it by using a temporary pointer to avoid this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 6.1.85-1 | linux_6.1.85-1_all.deb |
| Debian | 11 | all | linux | < 5.10.216-1 | linux_5.10.216-1_all.deb |
| Debian | 999 | all | linux | < 6.7.12-1 | linux_6.7.12-1_all.deb |
| Debian | 13 | all | linux | < 6.7.12-1 | linux_6.7.12-1_all.deb |
Related
cvelist
cvelist
CVE-2024-26878 quota: Fix potential NULL pointer dereference
2024-04-17 10:27:35
redhatcve
redhatcve
CVE-2024-26878
2024-04-17 18:55:07
nvd
nvd
CVE-2024-26878
2024-04-17 11:15:09
vulnrichment
vulnrichment
CVE-2024-26878 quota: Fix potential NULL pointer dereference
2024-04-17 10:27:35
ubuntucve
ubuntucve
CVE-2024-26878
2024-04-17 00:00:00
cve
cve
CVE-2024-26878
2024-04-17 11:15:09
nessus
nessus
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-067)
2024-05-31 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-041)
2024-04-18 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-054)
2024-04-30 00:00:00
almalinux
almalinux
Important: kernel security update
2024-08-08 00:00:00
Important: kernel-rt security update
2024-08-08 00:00:00
amazon
amazon
Medium: kernel
2024-05-23 22:04:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2140)
2024-08-20 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2216)
2024-08-21 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2308)
2024-09-03 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-06-10 00:00:00
Linux kernel vulnerabilities
2024-07-23 00:00:00
Linux kernel (AWS) vulnerabilities
2024-06-11 00:00:00
osv
osv
linux-raspi, linux-raspi-5.4 vulnerabilities
2024-07-19 10:36:03
linux-aws, linux-aws-5.4, linux-iot vulnerabilities
2024-07-23 07:58:00
linux-ibm-5.15 vulnerabilities
2024-07-10 21:06:59
rocky
rocky
kernel-rt security update
2024-08-21 14:52:36
kernel security update
2024-09-17 00:57:33
kernel security update
2024-08-21 14:52:19
redhat
redhat
(RHSA-2024:5102) Important: kernel-rt security update
2024-08-08 04:34:36
(RHSA-2024:5438) Moderate: OpenShift Container Platform 4.15.28 packages and security update
2024-08-21 03:33:53
(RHSA-2024:5101) Important: kernel security update
2024-08-08 04:34:29
oraclelinux
oraclelinux
kernel security update
2024-08-08 00:00:00
debian
debian
[SECURITY] [DSA 5681-1] linux security update
2024-05-06 18:31:39