| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()\n\nOn the node of an NFS client, some files saved in the mountpoint of the\nNFS server were copied to another location of the same NFS server.\nAccidentally, the nfs42_complete_copies() got a NULL-pointer dereference\ncrash with the following syslog:\n\n[232064.838881] NFSv4: state recovery failed for open file nfs/pvc-12b5200d-cd0f-46a3-b9f0-af8f4fe0ef64.qcow2, error = -116\n[232064.839360] NFSv4: state recovery failed for open file nfs/pvc-12b5200d-cd0f-46a3-b9f0-af8f4fe0ef64.qcow2, error = -116\n[232066.588183] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000058\n[232066.588586] Mem abort info:\n[232066.588701] ESR = 0x0000000096000007\n[232066.588862] EC = 0x25: DABT (current EL), IL = 32 bits\n[232066.589084] SET = 0, FnV = 0\n[232066.589216] EA = 0, S1PTW = 0\n[232066.589340] FSC = 0x07: level 3 translation fault\n[232066.589559] Data abort info:\n[232066.589683] ISV = 0, ISS = 0x00000007\n[232066.589842] CM = 0, WnR = 0\n[232066.589967] user pgtable: 64k pages, 48-bit VAs, pgdp=00002000956ff400\n[232066.590231] [0000000000000058] pgd=08001100ae100003, p4d=08001100ae100003, pud=08001100ae100003, pmd=08001100b3c00003, pte=0000000000000000\n[232066.590757] Internal error: Oops: 96000007 [#1] SMP\n[232066.590958] Modules linked in: rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs ocfs2_dlmfs ocfs2_stack_o2cb ocfs2_dlm vhost_net vhost vhost_iotlb tap tun ipt_rpfilter xt_multiport ip_set_hash_ip ip_set_hash_net xfrm_interface xfrm6_tunnel tunnel4 tunnel6 esp4 ah4 wireguard libcurve25519_generic veth xt_addrtype xt_set nf_conntrack_netlink ip_set_hash_ipportnet ip_set_hash_ipportip ip_set_bitmap_port ip_set_hash_ipport dummy ip_set ip_vs_sh ip_vs_wrr ip_vs_rr ip_vs iptable_filter sch_ingress nfnetlink_cttimeout vport_gre ip_gre ip_tunnel gre vport_geneve geneve vport_vxlan vxlan ip6_udp_tunnel udp_tunnel openvswitch nf_conncount dm_round_robin dm_service_time dm_multipath xt_nat xt_MASQUERADE nft_chain_nat nf_nat xt_mark xt_conntrack xt_comment nft_compat nft_counter nf_tables nfnetlink ocfs2 ocfs2_nodemanager ocfs2_stackglue iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ipmi_ssif nbd overlay 8021q garp mrp bonding tls rfkill sunrpc ext4 mbcache jbd2\n[232066.591052] vfat fat cas_cache cas_disk ses enclosure scsi_transport_sas sg acpi_ipmi ipmi_si ipmi_devintf ipmi_msghandler ip_tables vfio_pci vfio_pci_core vfio_virqfd vfio_iommu_type1 vfio dm_mirror dm_region_hash dm_log dm_mod nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter bridge stp llc fuse xfs libcrc32c ast drm_vram_helper qla2xxx drm_kms_helper syscopyarea crct10dif_ce sysfillrect ghash_ce sysimgblt sha2_ce fb_sys_fops cec sha256_arm64 sha1_ce drm_ttm_helper ttm nvme_fc igb sbsa_gwdt nvme_fabrics drm nvme_core i2c_algo_bit i40e scsi_transport_fc megaraid_sas aes_neon_bs\n[232066.596953] CPU: 6 PID: 4124696 Comm: 10.253.166.125- Kdump: loaded Not tainted 5.15.131-9.cl9_ocfs2.aarch64 #1\n[232066.597356] Hardware name: Great Wall .\\x93\\x8e...RF6260 V5/GWMSSE2GL1T, BIOS T656FBE_V3.0.18 2024-01-06\n[232066.597721] pstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[232066.598034] pc : nfs4_reclaim_open_state+0x220/0x800 [nfsv4]\n[232066.598327] lr : nfs4_reclaim_open_state+0x12c/0x800 [nfsv4]\n[232066.598595] sp : ffff8000f568fc70\n[232066.598731] x29: ffff8000f568fc70 x28: 0000000000001000 x27: ffff21003db33000\n[232066.599030] x26: ffff800005521ae0 x25: ffff0100f98fa3f0 x24: 0000000000000001\n[232066.599319] x23: ffff800009920008 x22: ffff21003db33040 x21: ffff21003db33050\n[232066.599628] x20: ffff410172fe9e40 x19: ffff410172fe9e00 x18: 0000000000000000\n[232066.599914] x17: 0000000000000000 x16: 0000000000000004 x15: 0000000000000000\n[232066.600195] x14: 0000000000000000 x13: ffff800008e685a8 x12: 00000000eac0c6e6\n[232066.600498] x11: 00000000000000\n---truncated---" |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "fs/nfs/client.c", |
| "fs/nfs/nfs42proc.c", |
| "fs/nfs/nfs4state.c", |
| "include/linux/nfs_fs_sb.h" |
| ], |
| "versions": [ |
| { |
| "version": "0e65a32c8a569db363048e17a708b1a0913adbef", |
| "lessThan": "f892165c564e3aab272948dbb556cc20e290c55a", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "0e65a32c8a569db363048e17a708b1a0913adbef", |
| "lessThan": "584c019baedddec3fd634053e8fb2d8836108d38", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "0e65a32c8a569db363048e17a708b1a0913adbef", |
| "lessThan": "632344b9efa064ca737bfcdaaaced59fd5f18ae9", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "0e65a32c8a569db363048e17a708b1a0913adbef", |
| "lessThan": "fca41e5fa4914d12b2136c25f9dad69520b52683", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "0e65a32c8a569db363048e17a708b1a0913adbef", |
| "lessThan": "ef9189bb15dcbe7ed3f3515aaa6fc8bf7483960d", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "0e65a32c8a569db363048e17a708b1a0913adbef", |
| "lessThan": "a848c29e3486189aaabd5663bc11aea50c5bd144", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "fs/nfs/client.c", |
| "fs/nfs/nfs42proc.c", |
| "fs/nfs/nfs4state.c", |
| "include/linux/nfs_fs_sb.h" |
| ], |
| "versions": [ |
| { |
| "version": "5.5", |
| "status": "affected" |
| }, |
| { |
| "version": "0", |
| "lessThan": "5.5", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.10.227", |
| "lessThanOrEqual": "5.10.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.15.168", |
| "lessThanOrEqual": "5.15.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.1.113", |
| "lessThanOrEqual": "6.1.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.6.57", |
| "lessThanOrEqual": "6.6.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.11.4", |
| "lessThanOrEqual": "6.11.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.12", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.5", |
| "versionEndExcluding": "5.10.227" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.5", |
| "versionEndExcluding": "5.15.168" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.5", |
| "versionEndExcluding": "6.1.113" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.5", |
| "versionEndExcluding": "6.6.57" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.5", |
| "versionEndExcluding": "6.11.4" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.5", |
| "versionEndExcluding": "6.12" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/f892165c564e3aab272948dbb556cc20e290c55a" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/584c019baedddec3fd634053e8fb2d8836108d38" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/632344b9efa064ca737bfcdaaaced59fd5f18ae9" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/fca41e5fa4914d12b2136c25f9dad69520b52683" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/ef9189bb15dcbe7ed3f3515aaa6fc8bf7483960d" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/a848c29e3486189aaabd5663bc11aea50c5bd144" |
| } |
| ], |
| "title": "NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2024-50046", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
