3 matches found
SUSE CVE-2024-49881
In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent In ext4findextent, if the path is not big enough, we free it and set origpath to NULL. But after reallocating and successfully initializing the path, we don't update origpath, in which case...
AZL-51544 CVE-2024-49881 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent In ext4findextent, if the path is not big enough, we free it and set origpath to NULL. But after reallocating and successfully initializing the path, we don't update origpath, in which case...
CVE-2024-49881
In CVE-2024-49881, the Linux kernel ext4 caller path handling was fixed: in ext4_find_extent(), if a path is reallocated after being freed when depth exceeds path[0].p_maxdepth, orig_path was not updated, leaving the caller with a valid path but a NULL ppath. This could cause a NULL pointer deref...