cve/published/2024/CVE-2024-49877.mbox

From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: <linux-cve-announce@vger.kernel.org>
Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
Subject: CVE-2024-49877: ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate

When doing cleanup, if flags without OCFS2_BH_READAHEAD, it may trigger
NULL pointer dereference in the following ocfs2_set_buffer_uptodate() if
bh is NULL.

The Linux kernel CVE team has assigned CVE-2024-49877 to this issue.


Affected and fixed versions
===========================

	Issue introduced in 4.19.87 with commit 6c150df9c2e80b5cf86f5a0d98beb7390ad63bfc and fixed in 4.19.323 with commit 190d98bcd61117a78fe185222d162180f061a6ca
	Issue introduced in 4.20 with commit cf76c78595ca87548ca5e45c862ac9e0949c4687 and fixed in 5.4.285 with commit e68c8323355e8cedfbe0bec7d5a39009f61640b6
	Issue introduced in 4.20 with commit cf76c78595ca87548ca5e45c862ac9e0949c4687 and fixed in 5.10.227 with commit 61b84013e560382cbe7dd56758be3154d43a3988
	Issue introduced in 4.20 with commit cf76c78595ca87548ca5e45c862ac9e0949c4687 and fixed in 5.15.168 with commit df944dc46d06af65a75191183d52be017e6b9dbe
	Issue introduced in 4.20 with commit cf76c78595ca87548ca5e45c862ac9e0949c4687 and fixed in 6.1.113 with commit 01cb2e751cc61ade454c9bc1aaa2eac1f8197112
	Issue introduced in 4.20 with commit cf76c78595ca87548ca5e45c862ac9e0949c4687 and fixed in 6.6.55 with commit d52c5652e7dcb7a0648bbb8642cc3e617070ab49
	Issue introduced in 4.20 with commit cf76c78595ca87548ca5e45c862ac9e0949c4687 and fixed in 6.10.14 with commit 46b1edf0536a5291a8ad2337f88c926214b209d9
	Issue introduced in 4.20 with commit cf76c78595ca87548ca5e45c862ac9e0949c4687 and fixed in 6.11.3 with commit 4846e72ab5a0726e49ad4188b9d9df091ae78c64
	Issue introduced in 4.20 with commit cf76c78595ca87548ca5e45c862ac9e0949c4687 and fixed in 6.12 with commit 33b525cef4cff49e216e4133cc48452e11c0391e
	Issue introduced in 4.4.204 with commit 01f93d5e36753fc4d06ec67f05ce78c9c6f2dd56
	Issue introduced in 4.9.204 with commit 65cbd1279f4b999d56a838344a30642db24cd215
	Issue introduced in 4.14.157 with commit 97e1db17bc1ef4c2e1789bc9323c7be44fba53f8

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions.  The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-49877
will be updated if fixes are backported, please check that for the most
up to date information about this issue.


Affected files
==============

The file(s) affected by this issue are:
	fs/ocfs2/buffer_head_io.c


Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes.  Individual
changes are never tested alone, but rather are part of a larger kernel
release.  Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all.  If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/190d98bcd61117a78fe185222d162180f061a6ca
	https://git.kernel.org/stable/c/e68c8323355e8cedfbe0bec7d5a39009f61640b6
	https://git.kernel.org/stable/c/61b84013e560382cbe7dd56758be3154d43a3988
	https://git.kernel.org/stable/c/df944dc46d06af65a75191183d52be017e6b9dbe
	https://git.kernel.org/stable/c/01cb2e751cc61ade454c9bc1aaa2eac1f8197112
	https://git.kernel.org/stable/c/d52c5652e7dcb7a0648bbb8642cc3e617070ab49
	https://git.kernel.org/stable/c/46b1edf0536a5291a8ad2337f88c926214b209d9
	https://git.kernel.org/stable/c/4846e72ab5a0726e49ad4188b9d9df091ae78c64
	https://git.kernel.org/stable/c/33b525cef4cff49e216e4133cc48452e11c0391e