Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2024-46690
HistorySep 13, 2024 - 6:15 a.m.

CVE-2024-46690

2024-09-1306:15:13
Google
osv.dev
linux kernel
cve-2024-46690
nfsd vulnerability
third party lease

AI Score

6.8

Confidence

High

JSON

In the Linux kernel, the following vulnerability has been resolved:

nfsd: fix nfsd4_deleg_getattr_conflict in presence of third party lease

It is not safe to dereference fl->c.flc_owner without first confirming
fl->fl_lmops is the expected manager. nfsd4_deleg_getattr_conflict()
tests fl_lmops but largely ignores the result and assumes that flc_owner
is an nfs4_delegation anyway. This is wrong.

With this patch we restore the “!= &nfsd_lease_mng_ops” case to behave
as it did before the change mentioned below. This is the same as the
current code, but without any reference to a possible delegation.

Related

cve 1
cvelist 1
debiancve 1
nvd 1
cve
cve
CVE-2024-46690
2024-09-13 06:15:13
cvelist
cvelist
CVE-2024-46690 nfsd: fix nfsd4_deleg_getattr_conflict in presence of third party lease
2024-09-13 05:29:20
debiancve
debiancve
CVE-2024-46690
2024-09-13 06:15:13
nvd
nvd
CVE-2024-46690
2024-09-13 06:15:13

AI Score

6.8

Confidence

High

JSON
Related for OSV:CVE-2024-46690
cve1cvelist1debiancve1nvd1