Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2024-53131

Disclosure Date: December 04, 2024 •

CVE-2024-53131 CVSS v3 Base Score: 5.5

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint

Patch series “nilfs2: fix null-ptr-deref bugs on block tracepoints”.

This series fixes null pointer dereference bugs that occur when using
nilfs2 and two block-related tracepoints.

This patch (of 2):

It has been reported that when using “block:block_touch_buffer”
tracepoint, touch_buffer() called from __nilfs_get_folio_block() causes a
NULL pointer dereference, or a general protection fault when KASAN is
enabled.

This happens because since the tracepoint was added in touch_buffer(), it
references the dev_t member bh->b_bdev->bd_dev regardless of whether the
buffer head has a pointer to a block_device structure. In the current
implementation, the block_device structure is set after the function
returns to the caller.

Here, touch_buffer() is used to mark the folio/page that owns the buffer
head as accessed, but the common search helper for folio/page used by the
caller function was optimized to mark the folio/page as accessed when it
was reimplemented a long time ago, eliminating the need to call
touch_buffer() here in the first place.

So this solves the issue by eliminating the touch_buffer() call itself.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

5.5 Medium

Impact Score:

3.6

Exploitability Score:

1.8

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV):

Local

Attack Complexity (AC):

Low

Privileges Required (PR):

Low

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

None

Integrity (I):

None

Availability (A):

High

Vendors

linux

Products

linux kernel

References

Canonical

CVE-2024-53131 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53131)

Miscellaneous

https://git.kernel.org/stable/c/3b2a4fd9bbee77afdd3ed5a05a0c02b6cde8d3b9

https://git.kernel.org/stable/c/59b49ca67cca7b007a5afd3de0283c8008157665

https://git.kernel.org/stable/c/77e47f89d32c2d72eb33d0becbce7abe14d061f4

https://git.kernel.org/stable/c/cd45e963e44b0f10d90b9e6c0e8b4f47f3c92471

https://git.kernel.org/stable/c/085556bf8c70e2629e02e79268dac3016a08b8bf

https://git.kernel.org/stable/c/6438f3f42cda825f6f59b4e45ac3a1da28a6f2c9

https://git.kernel.org/stable/c/b017697a517f8779ada4e8ce1c2c75dbf60a2636

https://git.kernel.org/stable/c/19c71cdd77973f99a9adc3190130bc3aa7ae5423

Rapid7

Unknown

CVE-2024-53131

Unknown

Unknown

None

Low

Local

CVE-2024-53131

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2024-53131

Unknown

Unknown

None

Low

Local

CVE-2024-53131

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification