CVE - CVE-2024-44939

CVE-ID
CVE-2024-44939	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: jfs: fix null ptr deref in dtInsertEntry [syzbot reported] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID: 5061 Comm: syz-executor404 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 RIP: 0010:dtInsertEntry+0xd0c/0x1780 fs/jfs/jfs_dtree.c:3713 ... [Analyze] In dtInsertEntry(), when the pointer h has the same value as p, after writing name in UniStrncpy_to_le(), p->header.flag will be cleared. This will cause the previously true judgment "p->header.flag & BT-LEAF" to change to no after writing the name operation, this leads to entering an incorrect branch and accessing the uninitialized object ih when judging this condition for the second time. [Fix] After got the page, check freelist first, if freelist == 0 then exit dtInsert() and return -EINVAL.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/53023ab11836ac56fd75f7a71ec1356e50920fa9 URL:https://git.kernel.org/stable/c/53023ab11836ac56fd75f7a71ec1356e50920fa9 MISC:https://git.kernel.org/stable/c/6ea10dbb1e6c58384136e9adfd75f81951e423f6 URL:https://git.kernel.org/stable/c/6ea10dbb1e6c58384136e9adfd75f81951e423f6 MISC:https://git.kernel.org/stable/c/9c2ac38530d1a3ee558834dfa16c85a40fd0e702 URL:https://git.kernel.org/stable/c/9c2ac38530d1a3ee558834dfa16c85a40fd0e702 MISC:https://git.kernel.org/stable/c/ce6dede912f064a855acf6f04a04cbb2c25b8c8c URL:https://git.kernel.org/stable/c/ce6dede912f064a855acf6f04a04cbb2c25b8c8c
Assigning CNA
kernel.org
Date Record Created
20240821	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240821)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)