cve/published/2024/CVE-2024-50241.json - pub/scm/linux/security/vulns - Git at Google

 {
    "containers": {
       "cna": {
          "providerMetadata": {
             "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
          },
          "descriptions": [
             {
                "lang": "en",
                "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Initialize struct nfsd4_copy earlier\n\nEnsure the refcount and async_copies fields are initialized early.\ncleanup_async_copy() will reference these fields if an error occurs\nin nfsd4_copy(). If they are not correctly initialized, at the very\nleast, a refcount underflow occurs."
             }
          ],
          "affected": [
             {
                "product": "Linux",
                "vendor": "Linux",
                "defaultStatus": "unaffected",
                "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                "programFiles": [
                   "fs/nfsd/nfs4proc.c"
                ],
                "versions": [
                   {
                      "version": "9e52ff544e0bfa09ee339fd7b0937ee3c080c24e",
                      "lessThan": "059434d23c4578d9d02efb92d848ea21bc640112",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "43e46ee5efc03990b223f7aa8b77aa9c3d3acfdf",
                      "lessThan": "7267625baf365a969f1b25ded6f07b64bc90ec5b",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "7ea9260874b779637aff6d24c344b8ef4ac862a0",
                      "lessThan": "c3074003fa6837c2b89a34d8d12d9463b59d22d6",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "ae267989b7b7933dfedcd26468d0a88fc3a9da9e",
                      "lessThan": "421f1a2a1afb47d88de09457ef7687e1df7bc997",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "6a488ad7745b8f64625c6d3a24ce7e448e83f11b",
                      "lessThan": "e30a9a2f69c34a00a3cb4fd45c5d231929e66fb1",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "aadc3bbea163b6caaaebfdd2b6c4667fbc726752",
                      "lessThan": "63fab04cbd0f96191b6e5beedc3b643b01c15889",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "b4e21431a0db4854b5023cd5af001be557e6c3db",
                      "status": "affected",
                      "versionType": "git"
                   }
                ]
             },
             {
                "product": "Linux",
                "vendor": "Linux",
                "defaultStatus": "unaffected",
                "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                "programFiles": [
                   "fs/nfsd/nfs4proc.c"
                ],
                "versions": [
                   {
                      "version": "6.11.3",
                      "lessThan": "6.11.7",
                      "status": "affected",
                      "versionType": "semver"
                   }
                ]
             }
          ],
          "cpeApplicability": [
             {
                "nodes": [
                   {
                      "operator": "OR",
                      "negate": false,
                      "cpeMatch": [
                         {
                            "vulnerable": true,
                            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                            "versionStartIncluding": "6.11.3",
                            "versionEndExcluding": "6.11.7"
                         },
                         {
                            "vulnerable": true,
                            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                            "versionStartIncluding": "6.10.14"
                         }
                      ]
                   }
                ]
             }
          ],
          "references": [
             {
                "url": "https://git.kernel.org/stable/c/059434d23c4578d9d02efb92d848ea21bc640112"
             },
             {
                "url": "https://git.kernel.org/stable/c/7267625baf365a969f1b25ded6f07b64bc90ec5b"
             },
             {
                "url": "https://git.kernel.org/stable/c/c3074003fa6837c2b89a34d8d12d9463b59d22d6"
             },
             {
                "url": "https://git.kernel.org/stable/c/421f1a2a1afb47d88de09457ef7687e1df7bc997"
             },
             {
                "url": "https://git.kernel.org/stable/c/e30a9a2f69c34a00a3cb4fd45c5d231929e66fb1"
             },
             {
                "url": "https://git.kernel.org/stable/c/63fab04cbd0f96191b6e5beedc3b643b01c15889"
             }
          ],
          "title": "NFSD: Initialize struct nfsd4_copy earlier",
          "x_generator": {
             "engine": "bippy-1.2.0"
          }
       }
    },
    "cveMetadata": {
       "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
       "cveID": "CVE-2024-50241",
       "requesterUserId": "gregkh@kernel.org",
       "serial": "1",
       "state": "PUBLISHED"
    },
    "dataType": "CVE_RECORD",
    "dataVersion": "5.0"
 }
	{
	"containers": {
	"cna": {
	"providerMetadata": {
	"orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
	},
	"descriptions": [
	{
	"lang": "en",
	"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Initialize struct nfsd4_copy earlier\n\nEnsure the refcount and async_copies fields are initialized early.\ncleanup_async_copy() will reference these fields if an error occurs\nin nfsd4_copy(). If they are not correctly initialized, at the very\nleast, a refcount underflow occurs."
	}
	],
	"affected": [
	{
	"product": "Linux",
	"vendor": "Linux",
	"defaultStatus": "unaffected",
	"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
	"programFiles": [
	"fs/nfsd/nfs4proc.c"
	],
	"versions": [
	{
	"version": "9e52ff544e0bfa09ee339fd7b0937ee3c080c24e",
	"lessThan": "059434d23c4578d9d02efb92d848ea21bc640112",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "43e46ee5efc03990b223f7aa8b77aa9c3d3acfdf",
	"lessThan": "7267625baf365a969f1b25ded6f07b64bc90ec5b",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "7ea9260874b779637aff6d24c344b8ef4ac862a0",
	"lessThan": "c3074003fa6837c2b89a34d8d12d9463b59d22d6",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "ae267989b7b7933dfedcd26468d0a88fc3a9da9e",
	"lessThan": "421f1a2a1afb47d88de09457ef7687e1df7bc997",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "6a488ad7745b8f64625c6d3a24ce7e448e83f11b",
	"lessThan": "e30a9a2f69c34a00a3cb4fd45c5d231929e66fb1",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "aadc3bbea163b6caaaebfdd2b6c4667fbc726752",
	"lessThan": "63fab04cbd0f96191b6e5beedc3b643b01c15889",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "b4e21431a0db4854b5023cd5af001be557e6c3db",
	"status": "affected",
	"versionType": "git"
	}
	]
	},
	{
	"product": "Linux",
	"vendor": "Linux",
	"defaultStatus": "unaffected",
	"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
	"programFiles": [
	"fs/nfsd/nfs4proc.c"
	],
	"versions": [
	{
	"version": "6.11.3",
	"lessThan": "6.11.7",
	"status": "affected",
	"versionType": "semver"
	}
	]
	}
	],
	"cpeApplicability": [
	{
	"nodes": [
	{
	"operator": "OR",
	"negate": false,
	"cpeMatch": [
	{
	"vulnerable": true,
	"criteria": "cpe:2.3:o:linux:linux_kernel::::::::",
	"versionStartIncluding": "6.11.3",
	"versionEndExcluding": "6.11.7"
	},
	{
	"vulnerable": true,
	"criteria": "cpe:2.3:o:linux:linux_kernel::::::::",
	"versionStartIncluding": "6.10.14"
	}
	]
	}
	]
	}
	],
	"references": [
	{
	"url": "https://git.kernel.org/stable/c/059434d23c4578d9d02efb92d848ea21bc640112"
	},
	{
	"url": "https://git.kernel.org/stable/c/7267625baf365a969f1b25ded6f07b64bc90ec5b"
	},
	{
	"url": "https://git.kernel.org/stable/c/c3074003fa6837c2b89a34d8d12d9463b59d22d6"
	},
	{
	"url": "https://git.kernel.org/stable/c/421f1a2a1afb47d88de09457ef7687e1df7bc997"
	},
	{
	"url": "https://git.kernel.org/stable/c/e30a9a2f69c34a00a3cb4fd45c5d231929e66fb1"
	},
	{
	"url": "https://git.kernel.org/stable/c/63fab04cbd0f96191b6e5beedc3b643b01c15889"
	}
	],
	"title": "NFSD: Initialize struct nfsd4_copy earlier",
	"x_generator": {
	"engine": "bippy-1.2.0"
	}
	}
	},
	"cveMetadata": {
	"assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
	"cveID": "CVE-2024-50241",
	"requesterUserId": "gregkh@kernel.org",
	"serial": "1",
	"state": "PUBLISHED"
	},
	"dataType": "CVE_RECORD",
	"dataVersion": "5.0"
	}