CVE - CVE-2024-53131

CVE-ID
CVE-2024-53131	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint Patch series "nilfs2: fix null-ptr-deref bugs on block tracepoints". This series fixes null pointer dereference bugs that occur when using nilfs2 and two block-related tracepoints. This patch (of 2): It has been reported that when using "block:block_touch_buffer" tracepoint, touch_buffer() called from __nilfs_get_folio_block() causes a NULL pointer dereference, or a general protection fault when KASAN is enabled. This happens because since the tracepoint was added in touch_buffer(), it references the dev_t member bh->b_bdev->bd_dev regardless of whether the buffer head has a pointer to a block_device structure. In the current implementation, the block_device structure is set after the function returns to the caller. Here, touch_buffer() is used to mark the folio/page that owns the buffer head as accessed, but the common search helper for folio/page used by the caller function was optimized to mark the folio/page as accessed when it was reimplemented a long time ago, eliminating the need to call touch_buffer() here in the first place. So this solves the issue by eliminating the touch_buffer() call itself.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/085556bf8c70e2629e02e79268dac3016a08b8bf URL:https://git.kernel.org/stable/c/085556bf8c70e2629e02e79268dac3016a08b8bf MISC:https://git.kernel.org/stable/c/19c71cdd77973f99a9adc3190130bc3aa7ae5423 URL:https://git.kernel.org/stable/c/19c71cdd77973f99a9adc3190130bc3aa7ae5423 MISC:https://git.kernel.org/stable/c/3b2a4fd9bbee77afdd3ed5a05a0c02b6cde8d3b9 URL:https://git.kernel.org/stable/c/3b2a4fd9bbee77afdd3ed5a05a0c02b6cde8d3b9 MISC:https://git.kernel.org/stable/c/59b49ca67cca7b007a5afd3de0283c8008157665 URL:https://git.kernel.org/stable/c/59b49ca67cca7b007a5afd3de0283c8008157665 MISC:https://git.kernel.org/stable/c/6438f3f42cda825f6f59b4e45ac3a1da28a6f2c9 URL:https://git.kernel.org/stable/c/6438f3f42cda825f6f59b4e45ac3a1da28a6f2c9 MISC:https://git.kernel.org/stable/c/77e47f89d32c2d72eb33d0becbce7abe14d061f4 URL:https://git.kernel.org/stable/c/77e47f89d32c2d72eb33d0becbce7abe14d061f4 MISC:https://git.kernel.org/stable/c/b017697a517f8779ada4e8ce1c2c75dbf60a2636 URL:https://git.kernel.org/stable/c/b017697a517f8779ada4e8ce1c2c75dbf60a2636 MISC:https://git.kernel.org/stable/c/cd45e963e44b0f10d90b9e6c0e8b4f47f3c92471 URL:https://git.kernel.org/stable/c/cd45e963e44b0f10d90b9e6c0e8b4f47f3c92471
Assigning CNA
kernel.org
Date Record Created
20241119	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20241119)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)