Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2024-AVI-0334
Vulnerability from certfr_avis - Published: 2024-04-19 - Updated: 2024-04-19
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian bookworm versions ant\u00e9rieures \u00e0 6.1.85-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-26601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26601"
},
{
"name": "CVE-2023-52633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52633"
},
{
"name": "CVE-2023-52622",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52622"
},
{
"name": "CVE-2024-26696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26696"
},
{
"name": "CVE-2024-26654",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26654"
},
{
"name": "CVE-2024-26816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26816"
},
{
"name": "CVE-2023-52621",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52621"
},
{
"name": "CVE-2024-26629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26629"
},
{
"name": "CVE-2024-26586",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26586"
},
{
"name": "CVE-2024-26715",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26715"
},
{
"name": "CVE-2023-52637",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52637"
},
{
"name": "CVE-2024-26585",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26585"
},
{
"name": "CVE-2024-26754",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26754"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2023-52630",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52630"
},
{
"name": "CVE-2023-52429",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52429"
},
{
"name": "CVE-2024-26790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26790"
},
{
"name": "CVE-2024-26704",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26704"
},
{
"name": "CVE-2024-26750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26750"
},
{
"name": "CVE-2024-26671",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26671"
},
{
"name": "CVE-2024-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26603"
},
{
"name": "CVE-2024-27437",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27437"
},
{
"name": "CVE-2024-26712",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26712"
},
{
"name": "CVE-2024-26600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26600"
},
{
"name": "CVE-2023-28746",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28746"
},
{
"name": "CVE-2023-52640",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52640"
},
{
"name": "CVE-2023-52635",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52635"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2024-26802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26802"
},
{
"name": "CVE-2023-52638",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52638"
},
{
"name": "CVE-2024-26815",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26815"
},
{
"name": "CVE-2024-26805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26805"
},
{
"name": "CVE-2024-26665",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26665"
},
{
"name": "CVE-2024-26774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26774"
},
{
"name": "CVE-2024-26627",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26627"
},
{
"name": "CVE-2024-26581",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26581"
},
{
"name": "CVE-2023-52632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52632"
},
{
"name": "CVE-2023-52600",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52600"
},
{
"name": "CVE-2023-52587",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52587"
},
{
"name": "CVE-2024-26698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26698"
},
{
"name": "CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"name": "CVE-2024-26702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26702"
},
{
"name": "CVE-2024-26673",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26673"
},
{
"name": "CVE-2024-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26720"
},
{
"name": "CVE-2024-26801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26801"
},
{
"name": "CVE-2023-52618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52618"
},
{
"name": "CVE-2024-26742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26742"
},
{
"name": "CVE-2023-7042",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7042"
},
{
"name": "CVE-2024-26643",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26643"
},
{
"name": "CVE-2024-26780",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26780"
},
{
"name": "CVE-2024-26779",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26779"
},
{
"name": "CVE-2024-26590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26590"
},
{
"name": "CVE-2023-52604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52604"
},
{
"name": "CVE-2023-52601",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52601"
},
{
"name": "CVE-2024-26773",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26773"
},
{
"name": "CVE-2024-26722",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26722"
},
{
"name": "CVE-2024-26679",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26679"
},
{
"name": "CVE-2023-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52616"
},
{
"name": "CVE-2024-26763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26763"
},
{
"name": "CVE-2023-52435",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52435"
},
{
"name": "CVE-2024-26707",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26707"
},
{
"name": "CVE-2024-26749",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26749"
},
{
"name": "CVE-2023-52603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52603"
},
{
"name": "CVE-2024-26695",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26695"
},
{
"name": "CVE-2024-26789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26789"
},
{
"name": "CVE-2023-52619",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52619"
},
{
"name": "CVE-2024-26727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26727"
},
{
"name": "CVE-2023-52617",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52617"
},
{
"name": "CVE-2024-26804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26804"
},
{
"name": "CVE-2024-26593",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26593"
},
{
"name": "CVE-2024-26751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26751"
},
{
"name": "CVE-2023-6270",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6270"
},
{
"name": "CVE-2024-26743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26743"
},
{
"name": "CVE-2024-26676",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26676"
},
{
"name": "CVE-2024-26787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26787"
},
{
"name": "CVE-2024-26814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26814"
},
{
"name": "CVE-2024-24858",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24858"
},
{
"name": "CVE-2024-26765",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26765"
},
{
"name": "CVE-2023-52584",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52584"
},
{
"name": "CVE-2024-26606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26606"
},
{
"name": "CVE-2024-26781",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26781"
},
{
"name": "CVE-2024-26625",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26625"
},
{
"name": "CVE-2024-26748",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26748"
},
{
"name": "CVE-2024-26782",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26782"
},
{
"name": "CVE-2023-52631",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52631"
},
{
"name": "CVE-2023-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2176"
},
{
"name": "CVE-2023-52589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52589"
},
{
"name": "CVE-2024-26697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26697"
},
{
"name": "CVE-2024-26792",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26792"
},
{
"name": "CVE-2024-26803",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26803"
},
{
"name": "CVE-2024-26626",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26626"
},
{
"name": "CVE-2024-26741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26741"
},
{
"name": "CVE-2024-26583",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26583"
},
{
"name": "CVE-2024-26642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26642"
},
{
"name": "CVE-2024-26680",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26680"
},
{
"name": "CVE-2023-52639",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52639"
},
{
"name": "CVE-2024-26685",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26685"
},
{
"name": "CVE-2024-26733",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26733"
},
{
"name": "CVE-2023-52599",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52599"
},
{
"name": "CVE-2024-26812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26812"
},
{
"name": "CVE-2024-26688",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26688"
},
{
"name": "CVE-2024-26663",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26663"
},
{
"name": "CVE-2024-26675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26675"
},
{
"name": "CVE-2024-24857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24857"
},
{
"name": "CVE-2023-52583",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52583"
},
{
"name": "CVE-2024-26584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26584"
},
{
"name": "CVE-2023-52602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52602"
},
{
"name": "CVE-2024-26681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26681"
},
{
"name": "CVE-2024-23850",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23850"
},
{
"name": "CVE-2024-26800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26800"
},
{
"name": "CVE-2024-0841",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0841"
},
{
"name": "CVE-2024-26651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26651"
},
{
"name": "CVE-2024-26776",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26776"
},
{
"name": "CVE-2024-1151",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1151"
},
{
"name": "CVE-2024-26735",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26735"
},
{
"name": "CVE-2023-47233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47233"
},
{
"name": "CVE-2024-26640",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26640"
},
{
"name": "CVE-2023-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52434"
},
{
"name": "CVE-2024-23851",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23851"
},
{
"name": "CVE-2024-26714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26714"
},
{
"name": "CVE-2023-52588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52588"
},
{
"name": "CVE-2024-26771",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26771"
},
{
"name": "CVE-2024-26769",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26769"
},
{
"name": "CVE-2024-26723",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26723"
},
{
"name": "CVE-2024-26737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26737"
},
{
"name": "CVE-2024-26602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26602"
},
{
"name": "CVE-2024-22099",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22099"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2024-26747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26747"
},
{
"name": "CVE-2023-52598",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52598"
},
{
"name": "CVE-2024-26753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26753"
},
{
"name": "CVE-2023-52620",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52620"
},
{
"name": "CVE-2024-26659",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26659"
},
{
"name": "CVE-2024-26793",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26793"
},
{
"name": "CVE-2024-26639",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26639"
},
{
"name": "CVE-2023-52594",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52594"
},
{
"name": "CVE-2024-26687",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26687"
},
{
"name": "CVE-2024-26718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26718"
},
{
"name": "CVE-2023-52595",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52595"
},
{
"name": "CVE-2024-26752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26752"
},
{
"name": "CVE-2023-52623",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52623"
},
{
"name": "CVE-2024-26736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26736"
},
{
"name": "CVE-2024-26759",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26759"
},
{
"name": "CVE-2024-26621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26621"
},
{
"name": "CVE-2024-26660",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26660"
},
{
"name": "CVE-2024-26777",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26777"
},
{
"name": "CVE-2024-26764",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26764"
},
{
"name": "CVE-2024-26689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26689"
},
{
"name": "CVE-2023-52606",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52606"
},
{
"name": "CVE-2024-26778",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26778"
},
{
"name": "CVE-2024-26760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26760"
},
{
"name": "CVE-2024-26811",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26811"
},
{
"name": "CVE-2024-26667",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26667"
},
{
"name": "CVE-2023-52597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52597"
},
{
"name": "CVE-2024-26710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26710"
},
{
"name": "CVE-2024-26717",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26717"
},
{
"name": "CVE-2024-26582",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26582"
},
{
"name": "CVE-2024-2201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2201"
},
{
"name": "CVE-2024-26813",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26813"
},
{
"name": "CVE-2024-26798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26798"
},
{
"name": "CVE-2024-26641",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26641"
},
{
"name": "CVE-2024-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0340"
},
{
"name": "CVE-2024-26744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26744"
},
{
"name": "CVE-2024-26791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26791"
},
{
"name": "CVE-2023-52641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52641"
},
{
"name": "CVE-2024-26810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26810"
},
{
"name": "CVE-2024-26706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26706"
},
{
"name": "CVE-2024-26772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26772"
},
{
"name": "CVE-2024-26766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26766"
},
{
"name": "CVE-2024-26795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26795"
},
{
"name": "CVE-2024-26664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26664"
},
{
"name": "CVE-2024-26809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26809"
},
{
"name": "CVE-2024-26745",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26745"
},
{
"name": "CVE-2024-26731",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26731"
},
{
"name": "CVE-2023-52607",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52607"
},
{
"name": "CVE-2024-26788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26788"
},
{
"name": "CVE-2024-26684",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26684"
},
{
"name": "CVE-2024-26622",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26622"
},
{
"name": "CVE-2024-26761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26761"
}
],
"initial_release_date": "2024-04-19T00:00:00",
"last_revision_date": "2024-04-19T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0334",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-04-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de Debian\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Debian msg00066 du 13 avril 2024",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00066.html"
}
]
}
CVE-2024-26764 (GCVE-0-2024-26764)
Vulnerability from cvelistv5 – Published: 2024-04-03 17:00 – Updated: 2026-05-11 20:03
VLAI
EPSS
Title
fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio
Summary
In the Linux kernel, the following vulnerability has been resolved:
fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio
If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the
following kernel warning appears:
WARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocb_set_cancel_fn+0x9c/0xa8
Call trace:
kiocb_set_cancel_fn+0x9c/0xa8
ffs_epfile_read_iter+0x144/0x1d0
io_read+0x19c/0x498
io_issue_sqe+0x118/0x27c
io_submit_sqes+0x25c/0x5fc
__arm64_sys_io_uring_enter+0x104/0xab0
invoke_syscall+0x58/0x11c
el0_svc_common+0xb4/0xf4
do_el0_svc+0x2c/0xb0
el0_svc+0x2c/0xa4
el0t_64_sync_handler+0x68/0xb4
el0t_64_sync+0x1a4/0x1a8
Fix this by setting the IOCB_AIO_RW flag for read and write I/O that is
submitted by libaio.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
10 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323 , < 337b543e274fe7a8f47df3c8293cc6686ffa620f
(git)
Affected: 04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323 , < b4eea7a05ee0ab5ab0514421e6ba8c5d249cf942 (git) Affected: 04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323 , < ea1cd64d59f22d6d13f367d62ec6e27b9344695f (git) Affected: 04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323 , < d7b6fa97ec894edd02f64b83e5e72e1aa352f353 (git) Affected: 04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323 , < 18f614369def2a11a52f569fe0f910b199d13487 (git) Affected: 04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323 , < e7e23fc5d5fe422827c9a43ecb579448f73876c7 (git) Affected: 04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323 , < 1dc7d74fe456944a9b1c57bd776280249f441ac6 (git) Affected: 04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323 , < b820de741ae48ccf50dd95e297889c286ff4f760 (git) |
|
| Linux | Linux |
Affected:
4.1
Unaffected: 0 , < 4.1 (semver) Unaffected: 4.19.308 , ≤ 4.19.* (semver) Unaffected: 5.4.270 , ≤ 5.4.* (semver) Unaffected: 5.10.211 , ≤ 5.10.* (semver) Unaffected: 5.15.150 , ≤ 5.15.* (semver) Unaffected: 6.1.80 , ≤ 6.1.* (semver) Unaffected: 6.6.19 , ≤ 6.6.* (semver) Unaffected: 6.7.7 , ≤ 6.7.* (semver) Unaffected: 6.8 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26764",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-03T18:05:37.687851Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:49:01.111Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:14:13.386Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/337b543e274fe7a8f47df3c8293cc6686ffa620f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b4eea7a05ee0ab5ab0514421e6ba8c5d249cf942"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ea1cd64d59f22d6d13f367d62ec6e27b9344695f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d7b6fa97ec894edd02f64b83e5e72e1aa352f353"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/18f614369def2a11a52f569fe0f910b199d13487"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e7e23fc5d5fe422827c9a43ecb579448f73876c7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1dc7d74fe456944a9b1c57bd776280249f441ac6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b820de741ae48ccf50dd95e297889c286ff4f760"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/aio.c",
"include/linux/fs.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "337b543e274fe7a8f47df3c8293cc6686ffa620f",
"status": "affected",
"version": "04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323",
"versionType": "git"
},
{
"lessThan": "b4eea7a05ee0ab5ab0514421e6ba8c5d249cf942",
"status": "affected",
"version": "04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323",
"versionType": "git"
},
{
"lessThan": "ea1cd64d59f22d6d13f367d62ec6e27b9344695f",
"status": "affected",
"version": "04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323",
"versionType": "git"
},
{
"lessThan": "d7b6fa97ec894edd02f64b83e5e72e1aa352f353",
"status": "affected",
"version": "04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323",
"versionType": "git"
},
{
"lessThan": "18f614369def2a11a52f569fe0f910b199d13487",
"status": "affected",
"version": "04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323",
"versionType": "git"
},
{
"lessThan": "e7e23fc5d5fe422827c9a43ecb579448f73876c7",
"status": "affected",
"version": "04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323",
"versionType": "git"
},
{
"lessThan": "1dc7d74fe456944a9b1c57bd776280249f441ac6",
"status": "affected",
"version": "04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323",
"versionType": "git"
},
{
"lessThan": "b820de741ae48ccf50dd95e297889c286ff4f760",
"status": "affected",
"version": "04b2fa9f8f36ec6fb6fd1c9dc9df6fff0cd27323",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/aio.c",
"include/linux/fs.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.1"
},
{
"lessThan": "4.1",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.308",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.270",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.211",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.150",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.80",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.308",
"versionStartIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.270",
"versionStartIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.211",
"versionStartIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.150",
"versionStartIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.80",
"versionStartIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.19",
"versionStartIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.7",
"versionStartIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8",
"versionStartIncluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio\n\nIf kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the\nfollowing kernel warning appears:\n\nWARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocb_set_cancel_fn+0x9c/0xa8\nCall trace:\n kiocb_set_cancel_fn+0x9c/0xa8\n ffs_epfile_read_iter+0x144/0x1d0\n io_read+0x19c/0x498\n io_issue_sqe+0x118/0x27c\n io_submit_sqes+0x25c/0x5fc\n __arm64_sys_io_uring_enter+0x104/0xab0\n invoke_syscall+0x58/0x11c\n el0_svc_common+0xb4/0xf4\n do_el0_svc+0x2c/0xb0\n el0_svc+0x2c/0xa4\n el0t_64_sync_handler+0x68/0xb4\n el0t_64_sync+0x1a4/0x1a8\n\nFix this by setting the IOCB_AIO_RW flag for read and write I/O that is\nsubmitted by libaio."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:03:43.148Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/337b543e274fe7a8f47df3c8293cc6686ffa620f"
},
{
"url": "https://git.kernel.org/stable/c/b4eea7a05ee0ab5ab0514421e6ba8c5d249cf942"
},
{
"url": "https://git.kernel.org/stable/c/ea1cd64d59f22d6d13f367d62ec6e27b9344695f"
},
{
"url": "https://git.kernel.org/stable/c/d7b6fa97ec894edd02f64b83e5e72e1aa352f353"
},
{
"url": "https://git.kernel.org/stable/c/18f614369def2a11a52f569fe0f910b199d13487"
},
{
"url": "https://git.kernel.org/stable/c/e7e23fc5d5fe422827c9a43ecb579448f73876c7"
},
{
"url": "https://git.kernel.org/stable/c/1dc7d74fe456944a9b1c57bd776280249f441ac6"
},
{
"url": "https://git.kernel.org/stable/c/b820de741ae48ccf50dd95e297889c286ff4f760"
}
],
"title": "fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26764",
"datePublished": "2024-04-03T17:00:46.962Z",
"dateReserved": "2024-02-19T14:20:24.172Z",
"dateUpdated": "2026-05-11T20:03:43.148Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-26765 (GCVE-0-2024-26765)
Vulnerability from cvelistv5 – Published: 2024-04-03 17:00 – Updated: 2026-05-11 20:03
VLAI
EPSS
Title
LoongArch: Disable IRQ before init_fn() for nonboot CPUs
Summary
In the Linux kernel, the following vulnerability has been resolved:
LoongArch: Disable IRQ before init_fn() for nonboot CPUs
Disable IRQ before init_fn() for nonboot CPUs when hotplug, in order to
silence such warnings (and also avoid potential errors due to unexpected
interrupts):
WARNING: CPU: 1 PID: 0 at kernel/rcu/tree.c:4503 rcu_cpu_starting+0x214/0x280
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.6.17+ #1198
pc 90000000048e3334 ra 90000000047bd56c tp 900000010039c000 sp 900000010039fdd0
a0 0000000000000001 a1 0000000000000006 a2 900000000802c040 a3 0000000000000000
a4 0000000000000001 a5 0000000000000004 a6 0000000000000000 a7 90000000048e3f4c
t0 0000000000000001 t1 9000000005c70968 t2 0000000004000000 t3 000000000005e56e
t4 00000000000002e4 t5 0000000000001000 t6 ffffffff80000000 t7 0000000000040000
t8 9000000007931638 u0 0000000000000006 s9 0000000000000004 s0 0000000000000001
s1 9000000006356ac0 s2 9000000007244000 s3 0000000000000001 s4 0000000000000001
s5 900000000636f000 s6 7fffffffffffffff s7 9000000002123940 s8 9000000001ca55f8
ra: 90000000047bd56c tlb_init+0x24c/0x528
ERA: 90000000048e3334 rcu_cpu_starting+0x214/0x280
CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE)
PRMD: 00000000 (PPLV0 -PIE -PWE)
EUEN: 00000000 (-FPE -SXE -ASXE -BTE)
ECFG: 00071000 (LIE=12 VS=7)
ESTAT: 000c0000 [BRK] (IS= ECode=12 EsubCode=0)
PRID: 0014c010 (Loongson-64bit, Loongson-3A5000)
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.6.17+ #1198
Stack : 0000000000000000 9000000006375000 9000000005b61878 900000010039c000
900000010039fa30 0000000000000000 900000010039fa38 900000000619a140
9000000006456888 9000000006456880 900000010039f950 0000000000000001
0000000000000001 cb0cb028ec7e52e1 0000000002b90000 9000000100348700
0000000000000000 0000000000000001 ffffffff916d12f1 0000000000000003
0000000000040000 9000000007930370 0000000002b90000 0000000000000004
9000000006366000 900000000619a140 0000000000000000 0000000000000004
0000000000000000 0000000000000009 ffffffffffc681f2 9000000002123940
9000000001ca55f8 9000000006366000 90000000047a4828 00007ffff057ded8
00000000000000b0 0000000000000000 0000000000000000 0000000000071000
...
Call Trace:
[<90000000047a4828>] show_stack+0x48/0x1a0
[<9000000005b61874>] dump_stack_lvl+0x84/0xcc
[<90000000047f60ac>] __warn+0x8c/0x1e0
[<9000000005b0ab34>] report_bug+0x1b4/0x280
[<9000000005b63110>] do_bp+0x2d0/0x480
[<90000000047a2e20>] handle_bp+0x120/0x1c0
[<90000000048e3334>] rcu_cpu_starting+0x214/0x280
[<90000000047bd568>] tlb_init+0x248/0x528
[<90000000047a4c44>] per_cpu_trap_init+0x124/0x160
[<90000000047a19f4>] cpu_probe+0x494/0xa00
[<90000000047b551c>] start_secondary+0x3c/0xc0
[<9000000005b66134>] smpboot_entry+0x50/0x58
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
fa96b57c149061f71a70bd6582d995f6424fbbf4 , < a262b78dd085dbe9b3c75dc1d9c4cd102b110b53
(git)
Affected: fa96b57c149061f71a70bd6582d995f6424fbbf4 , < dffdf7c783ef291eef38a5a0037584fd1a7fa464 (git) Affected: fa96b57c149061f71a70bd6582d995f6424fbbf4 , < 8bf2ca8c60712af288b88ba80f8e4df4573d923f (git) Affected: fa96b57c149061f71a70bd6582d995f6424fbbf4 , < 1001db6c42e4012b55e5ee19405490f23e033b5a (git) |
|
| Linux | Linux |
Affected:
5.19
Unaffected: 0 , < 5.19 (semver) Unaffected: 6.1.80 , ≤ 6.1.* (semver) Unaffected: 6.6.19 , ≤ 6.6.* (semver) Unaffected: 6.7.7 , ≤ 6.7.* (semver) Unaffected: 6.8 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:14:13.363Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a262b78dd085dbe9b3c75dc1d9c4cd102b110b53"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dffdf7c783ef291eef38a5a0037584fd1a7fa464"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8bf2ca8c60712af288b88ba80f8e4df4573d923f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1001db6c42e4012b55e5ee19405490f23e033b5a"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26765",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:51:28.140835Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:33:11.854Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/loongarch/kernel/smp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a262b78dd085dbe9b3c75dc1d9c4cd102b110b53",
"status": "affected",
"version": "fa96b57c149061f71a70bd6582d995f6424fbbf4",
"versionType": "git"
},
{
"lessThan": "dffdf7c783ef291eef38a5a0037584fd1a7fa464",
"status": "affected",
"version": "fa96b57c149061f71a70bd6582d995f6424fbbf4",
"versionType": "git"
},
{
"lessThan": "8bf2ca8c60712af288b88ba80f8e4df4573d923f",
"status": "affected",
"version": "fa96b57c149061f71a70bd6582d995f6424fbbf4",
"versionType": "git"
},
{
"lessThan": "1001db6c42e4012b55e5ee19405490f23e033b5a",
"status": "affected",
"version": "fa96b57c149061f71a70bd6582d995f6424fbbf4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/loongarch/kernel/smp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.19"
},
{
"lessThan": "5.19",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.80",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.80",
"versionStartIncluding": "5.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.19",
"versionStartIncluding": "5.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.7",
"versionStartIncluding": "5.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8",
"versionStartIncluding": "5.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Disable IRQ before init_fn() for nonboot CPUs\n\nDisable IRQ before init_fn() for nonboot CPUs when hotplug, in order to\nsilence such warnings (and also avoid potential errors due to unexpected\ninterrupts):\n\nWARNING: CPU: 1 PID: 0 at kernel/rcu/tree.c:4503 rcu_cpu_starting+0x214/0x280\nCPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.6.17+ #1198\npc 90000000048e3334 ra 90000000047bd56c tp 900000010039c000 sp 900000010039fdd0\na0 0000000000000001 a1 0000000000000006 a2 900000000802c040 a3 0000000000000000\na4 0000000000000001 a5 0000000000000004 a6 0000000000000000 a7 90000000048e3f4c\nt0 0000000000000001 t1 9000000005c70968 t2 0000000004000000 t3 000000000005e56e\nt4 00000000000002e4 t5 0000000000001000 t6 ffffffff80000000 t7 0000000000040000\nt8 9000000007931638 u0 0000000000000006 s9 0000000000000004 s0 0000000000000001\ns1 9000000006356ac0 s2 9000000007244000 s3 0000000000000001 s4 0000000000000001\ns5 900000000636f000 s6 7fffffffffffffff s7 9000000002123940 s8 9000000001ca55f8\n ra: 90000000047bd56c tlb_init+0x24c/0x528\n ERA: 90000000048e3334 rcu_cpu_starting+0x214/0x280\n CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE)\n PRMD: 00000000 (PPLV0 -PIE -PWE)\n EUEN: 00000000 (-FPE -SXE -ASXE -BTE)\n ECFG: 00071000 (LIE=12 VS=7)\nESTAT: 000c0000 [BRK] (IS= ECode=12 EsubCode=0)\n PRID: 0014c010 (Loongson-64bit, Loongson-3A5000)\nCPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.6.17+ #1198\nStack : 0000000000000000 9000000006375000 9000000005b61878 900000010039c000\n 900000010039fa30 0000000000000000 900000010039fa38 900000000619a140\n 9000000006456888 9000000006456880 900000010039f950 0000000000000001\n 0000000000000001 cb0cb028ec7e52e1 0000000002b90000 9000000100348700\n 0000000000000000 0000000000000001 ffffffff916d12f1 0000000000000003\n 0000000000040000 9000000007930370 0000000002b90000 0000000000000004\n 9000000006366000 900000000619a140 0000000000000000 0000000000000004\n 0000000000000000 0000000000000009 ffffffffffc681f2 9000000002123940\n 9000000001ca55f8 9000000006366000 90000000047a4828 00007ffff057ded8\n 00000000000000b0 0000000000000000 0000000000000000 0000000000071000\n ...\nCall Trace:\n[\u003c90000000047a4828\u003e] show_stack+0x48/0x1a0\n[\u003c9000000005b61874\u003e] dump_stack_lvl+0x84/0xcc\n[\u003c90000000047f60ac\u003e] __warn+0x8c/0x1e0\n[\u003c9000000005b0ab34\u003e] report_bug+0x1b4/0x280\n[\u003c9000000005b63110\u003e] do_bp+0x2d0/0x480\n[\u003c90000000047a2e20\u003e] handle_bp+0x120/0x1c0\n[\u003c90000000048e3334\u003e] rcu_cpu_starting+0x214/0x280\n[\u003c90000000047bd568\u003e] tlb_init+0x248/0x528\n[\u003c90000000047a4c44\u003e] per_cpu_trap_init+0x124/0x160\n[\u003c90000000047a19f4\u003e] cpu_probe+0x494/0xa00\n[\u003c90000000047b551c\u003e] start_secondary+0x3c/0xc0\n[\u003c9000000005b66134\u003e] smpboot_entry+0x50/0x58"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:03:44.310Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a262b78dd085dbe9b3c75dc1d9c4cd102b110b53"
},
{
"url": "https://git.kernel.org/stable/c/dffdf7c783ef291eef38a5a0037584fd1a7fa464"
},
{
"url": "https://git.kernel.org/stable/c/8bf2ca8c60712af288b88ba80f8e4df4573d923f"
},
{
"url": "https://git.kernel.org/stable/c/1001db6c42e4012b55e5ee19405490f23e033b5a"
}
],
"title": "LoongArch: Disable IRQ before init_fn() for nonboot CPUs",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26765",
"datePublished": "2024-04-03T17:00:47.888Z",
"dateReserved": "2024-02-19T14:20:24.172Z",
"dateUpdated": "2026-05-11T20:03:44.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-26766 (GCVE-0-2024-26766)
Vulnerability from cvelistv5 – Published: 2024-04-03 17:00 – Updated: 2026-05-23 15:37
VLAI
EPSS
Title
IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
Summary
In the Linux kernel, the following vulnerability has been resolved:
IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
Unfortunately the commit `fd8958efe877` introduced another error
causing the `descs` array to overflow. This reults in further crashes
easily reproducible by `sendmsg` system call.
[ 1080.836473] general protection fault, probably for non-canonical address 0x400300015528b00a: 0000 [#1] PREEMPT SMP PTI
[ 1080.869326] RIP: 0010:hfi1_ipoib_build_ib_tx_headers.constprop.0+0xe1/0x2b0 [hfi1]
--
[ 1080.974535] Call Trace:
[ 1080.976990] <TASK>
[ 1081.021929] hfi1_ipoib_send_dma_common+0x7a/0x2e0 [hfi1]
[ 1081.027364] hfi1_ipoib_send_dma_list+0x62/0x270 [hfi1]
[ 1081.032633] hfi1_ipoib_send+0x112/0x300 [hfi1]
[ 1081.042001] ipoib_start_xmit+0x2a9/0x2d0 [ib_ipoib]
[ 1081.046978] dev_hard_start_xmit+0xc4/0x210
--
[ 1081.148347] __sys_sendmsg+0x59/0xa0
crash> ipoib_txreq 0xffff9cfeba229f00
struct ipoib_txreq {
txreq = {
list = {
next = 0xffff9cfeba229f00,
prev = 0xffff9cfeba229f00
},
descp = 0xffff9cfeba229f40,
coalesce_buf = 0x0,
wait = 0xffff9cfea4e69a48,
complete = 0xffffffffc0fe0760 <hfi1_ipoib_sdma_complete>,
packet_len = 0x46d,
tlen = 0x0,
num_desc = 0x0,
desc_limit = 0x6,
next_descq_idx = 0x45c,
coalesce_idx = 0x0,
flags = 0x0,
descs = {{
qw = {0x8024000120dffb00, 0x4} # SDMA_DESC0_FIRST_DESC_FLAG (bit 63)
}, {
qw = { 0x3800014231b108, 0x4}
}, {
qw = { 0x310000e4ee0fcf0, 0x8}
}, {
qw = { 0x3000012e9f8000, 0x8}
}, {
qw = { 0x59000dfb9d0000, 0x8}
}, {
qw = { 0x78000e02e40000, 0x8}
}}
},
sdma_hdr = 0x400300015528b000, <<< invalid pointer in the tx request structure
sdma_status = 0x0, SDMA_DESC0_LAST_DESC_FLAG (bit 62)
complete = 0x0,
priv = 0x0,
txq = 0xffff9cfea4e69880,
skb = 0xffff9d099809f400
}
If an SDMA send consists of exactly 6 descriptors and requires dword
padding (in the 7th descriptor), the sdma_txreq descriptor array is not
properly expanded and the packet will overflow into the container
structure. This results in a panic when the send completion runs. The
exact panic varies depending on what elements of the container structure
get corrupted. The fix is to use the correct expression in
_pad_sdma_tx_descs() to test the need to expand the descriptor array.
With this patch the crashes are no longer reproducible and the machine is
stable.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
10 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
d1c1ee052d25ca23735eea912f843bc7834781b4 , < 115b7f3bc1dce590a6851a2dcf23dc1100c49790
(git)
Affected: 40ac5cb6cbb01afa40881f78b4d2f559fb7065c4 , < 5833024a9856f454a964a198c63a57e59e07baf5 (git) Affected: 6cf8f3d690bb5ad31ef0f41a6206ecf5a068d179 , < 3f38d22e645e2e994979426ea5a35186102ff3c2 (git) Affected: bd57756a7e43c7127d0eca1fc5868e705fd0f7ba , < 47ae64df23ed1318e27bd9844e135a5e1c0e6e39 (git) Affected: eeaf35f4e3b360162081de5e744cf32d6d1b0091 , < 52dc9a7a573dbf778625a0efca0fca55489f084b (git) Affected: fd8958efe8779d3db19c9124fce593ce681ac709 , < a2fef1d81becf4ff60e1a249477464eae3c3bc2a (git) Affected: fd8958efe8779d3db19c9124fce593ce681ac709 , < 9034a1bec35e9f725315a3bb6002ef39666114d9 (git) Affected: fd8958efe8779d3db19c9124fce593ce681ac709 , < e6f57c6881916df39db7d95981a8ad2b9c3458d6 (git) Affected: 0ef9594936d1f078e8599a1cf683b052df2bec00 (git) Affected: 4.19.291 , < 4.19.308 (semver) Affected: 5.4.251 , < 5.4.270 (semver) Affected: 5.10.188 , < 5.10.211 (semver) Affected: 5.15.99 , < 5.15.150 (semver) Affected: 6.1.16 , < 6.1.80 (semver) Affected: 6.2.3 , < 6.3 (semver) |
|
| Linux | Linux |
Affected:
6.3
Unaffected: 0 , < 6.3 (semver) Unaffected: 4.19.308 , ≤ 4.19.* (semver) Unaffected: 5.4.270 , ≤ 5.4.* (semver) Unaffected: 5.10.211 , ≤ 5.10.* (semver) Unaffected: 5.15.150 , ≤ 5.15.* (semver) Unaffected: 6.1.80 , ≤ 6.1.* (semver) Unaffected: 6.6.19 , ≤ 6.6.* (semver) Unaffected: 6.7.7 , ≤ 6.7.* (semver) Unaffected: 6.8 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26766",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-03T18:11:09.801717Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:48:44.178Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:14:13.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/115b7f3bc1dce590a6851a2dcf23dc1100c49790"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5833024a9856f454a964a198c63a57e59e07baf5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3f38d22e645e2e994979426ea5a35186102ff3c2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/47ae64df23ed1318e27bd9844e135a5e1c0e6e39"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/52dc9a7a573dbf778625a0efca0fca55489f084b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a2fef1d81becf4ff60e1a249477464eae3c3bc2a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9034a1bec35e9f725315a3bb6002ef39666114d9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e6f57c6881916df39db7d95981a8ad2b9c3458d6"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/hfi1/sdma.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "115b7f3bc1dce590a6851a2dcf23dc1100c49790",
"status": "affected",
"version": "d1c1ee052d25ca23735eea912f843bc7834781b4",
"versionType": "git"
},
{
"lessThan": "5833024a9856f454a964a198c63a57e59e07baf5",
"status": "affected",
"version": "40ac5cb6cbb01afa40881f78b4d2f559fb7065c4",
"versionType": "git"
},
{
"lessThan": "3f38d22e645e2e994979426ea5a35186102ff3c2",
"status": "affected",
"version": "6cf8f3d690bb5ad31ef0f41a6206ecf5a068d179",
"versionType": "git"
},
{
"lessThan": "47ae64df23ed1318e27bd9844e135a5e1c0e6e39",
"status": "affected",
"version": "bd57756a7e43c7127d0eca1fc5868e705fd0f7ba",
"versionType": "git"
},
{
"lessThan": "52dc9a7a573dbf778625a0efca0fca55489f084b",
"status": "affected",
"version": "eeaf35f4e3b360162081de5e744cf32d6d1b0091",
"versionType": "git"
},
{
"lessThan": "a2fef1d81becf4ff60e1a249477464eae3c3bc2a",
"status": "affected",
"version": "fd8958efe8779d3db19c9124fce593ce681ac709",
"versionType": "git"
},
{
"lessThan": "9034a1bec35e9f725315a3bb6002ef39666114d9",
"status": "affected",
"version": "fd8958efe8779d3db19c9124fce593ce681ac709",
"versionType": "git"
},
{
"lessThan": "e6f57c6881916df39db7d95981a8ad2b9c3458d6",
"status": "affected",
"version": "fd8958efe8779d3db19c9124fce593ce681ac709",
"versionType": "git"
},
{
"status": "affected",
"version": "0ef9594936d1f078e8599a1cf683b052df2bec00",
"versionType": "git"
},
{
"lessThan": "4.19.308",
"status": "affected",
"version": "4.19.291",
"versionType": "semver"
},
{
"lessThan": "5.4.270",
"status": "affected",
"version": "5.4.251",
"versionType": "semver"
},
{
"lessThan": "5.10.211",
"status": "affected",
"version": "5.10.188",
"versionType": "semver"
},
{
"lessThan": "5.15.150",
"status": "affected",
"version": "5.15.99",
"versionType": "semver"
},
{
"lessThan": "6.1.80",
"status": "affected",
"version": "6.1.16",
"versionType": "semver"
},
{
"lessThan": "6.3",
"status": "affected",
"version": "6.2.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/hfi1/sdma.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.3"
},
{
"lessThan": "6.3",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.308",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.270",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.211",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.150",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.80",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.308",
"versionStartIncluding": "4.19.291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.270",
"versionStartIncluding": "5.4.251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.211",
"versionStartIncluding": "5.10.188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.150",
"versionStartIncluding": "5.15.99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.80",
"versionStartIncluding": "6.1.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.19",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.7",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix sdma.h tx-\u003enum_descs off-by-one error\n\nUnfortunately the commit `fd8958efe877` introduced another error\ncausing the `descs` array to overflow. This reults in further crashes\neasily reproducible by `sendmsg` system call.\n\n[ 1080.836473] general protection fault, probably for non-canonical address 0x400300015528b00a: 0000 [#1] PREEMPT SMP PTI\n[ 1080.869326] RIP: 0010:hfi1_ipoib_build_ib_tx_headers.constprop.0+0xe1/0x2b0 [hfi1]\n--\n[ 1080.974535] Call Trace:\n[ 1080.976990] \u003cTASK\u003e\n[ 1081.021929] hfi1_ipoib_send_dma_common+0x7a/0x2e0 [hfi1]\n[ 1081.027364] hfi1_ipoib_send_dma_list+0x62/0x270 [hfi1]\n[ 1081.032633] hfi1_ipoib_send+0x112/0x300 [hfi1]\n[ 1081.042001] ipoib_start_xmit+0x2a9/0x2d0 [ib_ipoib]\n[ 1081.046978] dev_hard_start_xmit+0xc4/0x210\n--\n[ 1081.148347] __sys_sendmsg+0x59/0xa0\n\ncrash\u003e ipoib_txreq 0xffff9cfeba229f00\nstruct ipoib_txreq {\n txreq = {\n list = {\n next = 0xffff9cfeba229f00,\n prev = 0xffff9cfeba229f00\n },\n descp = 0xffff9cfeba229f40,\n coalesce_buf = 0x0,\n wait = 0xffff9cfea4e69a48,\n complete = 0xffffffffc0fe0760 \u003chfi1_ipoib_sdma_complete\u003e,\n packet_len = 0x46d,\n tlen = 0x0,\n num_desc = 0x0,\n desc_limit = 0x6,\n next_descq_idx = 0x45c,\n coalesce_idx = 0x0,\n flags = 0x0,\n descs = {{\n qw = {0x8024000120dffb00, 0x4} # SDMA_DESC0_FIRST_DESC_FLAG (bit 63)\n }, {\n qw = { 0x3800014231b108, 0x4}\n }, {\n qw = { 0x310000e4ee0fcf0, 0x8}\n }, {\n qw = { 0x3000012e9f8000, 0x8}\n }, {\n qw = { 0x59000dfb9d0000, 0x8}\n }, {\n qw = { 0x78000e02e40000, 0x8}\n }}\n },\n sdma_hdr = 0x400300015528b000, \u003c\u003c\u003c invalid pointer in the tx request structure\n sdma_status = 0x0, SDMA_DESC0_LAST_DESC_FLAG (bit 62)\n complete = 0x0,\n priv = 0x0,\n txq = 0xffff9cfea4e69880,\n skb = 0xffff9d099809f400\n}\n\nIf an SDMA send consists of exactly 6 descriptors and requires dword\npadding (in the 7th descriptor), the sdma_txreq descriptor array is not\nproperly expanded and the packet will overflow into the container\nstructure. This results in a panic when the send completion runs. The\nexact panic varies depending on what elements of the container structure\nget corrupted. The fix is to use the correct expression in\n_pad_sdma_tx_descs() to test the need to expand the descriptor array.\n\nWith this patch the crashes are no longer reproducible and the machine is\nstable."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T15:37:48.349Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/115b7f3bc1dce590a6851a2dcf23dc1100c49790"
},
{
"url": "https://git.kernel.org/stable/c/5833024a9856f454a964a198c63a57e59e07baf5"
},
{
"url": "https://git.kernel.org/stable/c/3f38d22e645e2e994979426ea5a35186102ff3c2"
},
{
"url": "https://git.kernel.org/stable/c/47ae64df23ed1318e27bd9844e135a5e1c0e6e39"
},
{
"url": "https://git.kernel.org/stable/c/52dc9a7a573dbf778625a0efca0fca55489f084b"
},
{
"url": "https://git.kernel.org/stable/c/a2fef1d81becf4ff60e1a249477464eae3c3bc2a"
},
{
"url": "https://git.kernel.org/stable/c/9034a1bec35e9f725315a3bb6002ef39666114d9"
},
{
"url": "https://git.kernel.org/stable/c/e6f57c6881916df39db7d95981a8ad2b9c3458d6"
}
],
"title": "IB/hfi1: Fix sdma.h tx-\u003enum_descs off-by-one error",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26766",
"datePublished": "2024-04-03T17:00:48.642Z",
"dateReserved": "2024-02-19T14:20:24.173Z",
"dateUpdated": "2026-05-23T15:37:48.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-26769 (GCVE-0-2024-26769)
Vulnerability from cvelistv5 – Published: 2024-04-03 17:00 – Updated: 2026-05-11 20:03
VLAI
EPSS
Title
nvmet-fc: avoid deadlock on delete association path
Summary
In the Linux kernel, the following vulnerability has been resolved:
nvmet-fc: avoid deadlock on delete association path
When deleting an association the shutdown path is deadlocking because we
try to flush the nvmet_wq nested. Avoid this by deadlock by deferring
the put work into its own work item.
Severity
4.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
a07b4970f464f13640e28e16dad6cfa33647cc99 , < 5e0bc09a52b6169ce90f7ac6e195791adb16cec4
(git)
Affected: a07b4970f464f13640e28e16dad6cfa33647cc99 , < 9e6987f8937a7bd7516aa52f25cb7e12c0c92ee8 (git) Affected: a07b4970f464f13640e28e16dad6cfa33647cc99 , < eaf0971fdabf2a93c1429dc6bedf3bbe85dffa30 (git) Affected: a07b4970f464f13640e28e16dad6cfa33647cc99 , < 1d86f79287206deec36d63b89c741cf542b6cadd (git) Affected: a07b4970f464f13640e28e16dad6cfa33647cc99 , < 710c69dbaccdac312e32931abcb8499c1525d397 (git) |
|
| Linux | Linux |
Affected:
4.8
Unaffected: 0 , < 4.8 (semver) Unaffected: 5.15.150 , ≤ 5.15.* (semver) Unaffected: 6.1.80 , ≤ 6.1.* (semver) Unaffected: 6.6.19 , ≤ 6.6.* (semver) Unaffected: 6.7.7 , ≤ 6.7.* (semver) Unaffected: 6.8 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-26769",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T14:13:29.356049Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T15:27:15.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:14:13.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5e0bc09a52b6169ce90f7ac6e195791adb16cec4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9e6987f8937a7bd7516aa52f25cb7e12c0c92ee8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/eaf0971fdabf2a93c1429dc6bedf3bbe85dffa30"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1d86f79287206deec36d63b89c741cf542b6cadd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/710c69dbaccdac312e32931abcb8499c1525d397"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/nvme/target/fc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5e0bc09a52b6169ce90f7ac6e195791adb16cec4",
"status": "affected",
"version": "a07b4970f464f13640e28e16dad6cfa33647cc99",
"versionType": "git"
},
{
"lessThan": "9e6987f8937a7bd7516aa52f25cb7e12c0c92ee8",
"status": "affected",
"version": "a07b4970f464f13640e28e16dad6cfa33647cc99",
"versionType": "git"
},
{
"lessThan": "eaf0971fdabf2a93c1429dc6bedf3bbe85dffa30",
"status": "affected",
"version": "a07b4970f464f13640e28e16dad6cfa33647cc99",
"versionType": "git"
},
{
"lessThan": "1d86f79287206deec36d63b89c741cf542b6cadd",
"status": "affected",
"version": "a07b4970f464f13640e28e16dad6cfa33647cc99",
"versionType": "git"
},
{
"lessThan": "710c69dbaccdac312e32931abcb8499c1525d397",
"status": "affected",
"version": "a07b4970f464f13640e28e16dad6cfa33647cc99",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/nvme/target/fc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.8"
},
{
"lessThan": "4.8",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.150",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.80",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.150",
"versionStartIncluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.80",
"versionStartIncluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.19",
"versionStartIncluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.7",
"versionStartIncluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8",
"versionStartIncluding": "4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-fc: avoid deadlock on delete association path\n\nWhen deleting an association the shutdown path is deadlocking because we\ntry to flush the nvmet_wq nested. Avoid this by deadlock by deferring\nthe put work into its own work item."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:03:49.064Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5e0bc09a52b6169ce90f7ac6e195791adb16cec4"
},
{
"url": "https://git.kernel.org/stable/c/9e6987f8937a7bd7516aa52f25cb7e12c0c92ee8"
},
{
"url": "https://git.kernel.org/stable/c/eaf0971fdabf2a93c1429dc6bedf3bbe85dffa30"
},
{
"url": "https://git.kernel.org/stable/c/1d86f79287206deec36d63b89c741cf542b6cadd"
},
{
"url": "https://git.kernel.org/stable/c/710c69dbaccdac312e32931abcb8499c1525d397"
}
],
"title": "nvmet-fc: avoid deadlock on delete association path",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26769",
"datePublished": "2024-04-03T17:00:56.019Z",
"dateReserved": "2024-02-19T14:20:24.175Z",
"dateUpdated": "2026-05-11T20:03:49.064Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-26771 (GCVE-0-2024-26771)
Vulnerability from cvelistv5 – Published: 2024-04-03 17:00 – Updated: 2026-05-11 20:03
VLAI
EPSS
Title
dmaengine: ti: edma: Add some null pointer checks to the edma_probe
Summary
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: ti: edma: Add some null pointer checks to the edma_probe
devm_kasprintf() returns a pointer to dynamically allocated memory
which can be NULL upon failure. Ensure the allocation was successful
by checking the pointer validity.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
7 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
d4cb7f404247173e2c760a01bf06fd1016a8b0d4 , < c432094aa7c9970f2fa10d2305d550d3810657ce
(git)
Affected: d4cb7f404247173e2c760a01bf06fd1016a8b0d4 , < 4fe4e5adc7d29d214c59b59f61db73dec505ca3d (git) Affected: d4cb7f404247173e2c760a01bf06fd1016a8b0d4 , < 9d508c897153ae8dd79303f7f035f078139f6b49 (git) Affected: d4cb7f404247173e2c760a01bf06fd1016a8b0d4 , < 7b24760f3a3c7ae1a176d343136b6c25174b7b27 (git) Affected: d4cb7f404247173e2c760a01bf06fd1016a8b0d4 , < f2a5e30d1e9a629de6179fa23923a318d5feb29e (git) Affected: d4cb7f404247173e2c760a01bf06fd1016a8b0d4 , < 6e2276203ac9ff10fc76917ec9813c660f627369 (git) |
|
| Linux | Linux |
Affected:
4.4
Unaffected: 0 , < 4.4 (semver) Unaffected: 5.10.211 , ≤ 5.10.* (semver) Unaffected: 5.15.150 , ≤ 5.15.* (semver) Unaffected: 6.1.80 , ≤ 6.1.* (semver) Unaffected: 6.6.19 , ≤ 6.6.* (semver) Unaffected: 6.7.7 , ≤ 6.7.* (semver) Unaffected: 6.8 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26771",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-08T14:05:41.933267Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:48:46.373Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:14:13.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c432094aa7c9970f2fa10d2305d550d3810657ce"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4fe4e5adc7d29d214c59b59f61db73dec505ca3d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9d508c897153ae8dd79303f7f035f078139f6b49"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7b24760f3a3c7ae1a176d343136b6c25174b7b27"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f2a5e30d1e9a629de6179fa23923a318d5feb29e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6e2276203ac9ff10fc76917ec9813c660f627369"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/dma/ti/edma.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "c432094aa7c9970f2fa10d2305d550d3810657ce",
"status": "affected",
"version": "d4cb7f404247173e2c760a01bf06fd1016a8b0d4",
"versionType": "git"
},
{
"lessThan": "4fe4e5adc7d29d214c59b59f61db73dec505ca3d",
"status": "affected",
"version": "d4cb7f404247173e2c760a01bf06fd1016a8b0d4",
"versionType": "git"
},
{
"lessThan": "9d508c897153ae8dd79303f7f035f078139f6b49",
"status": "affected",
"version": "d4cb7f404247173e2c760a01bf06fd1016a8b0d4",
"versionType": "git"
},
{
"lessThan": "7b24760f3a3c7ae1a176d343136b6c25174b7b27",
"status": "affected",
"version": "d4cb7f404247173e2c760a01bf06fd1016a8b0d4",
"versionType": "git"
},
{
"lessThan": "f2a5e30d1e9a629de6179fa23923a318d5feb29e",
"status": "affected",
"version": "d4cb7f404247173e2c760a01bf06fd1016a8b0d4",
"versionType": "git"
},
{
"lessThan": "6e2276203ac9ff10fc76917ec9813c660f627369",
"status": "affected",
"version": "d4cb7f404247173e2c760a01bf06fd1016a8b0d4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/dma/ti/edma.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.4"
},
{
"lessThan": "4.4",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.211",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.150",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.80",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.211",
"versionStartIncluding": "4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.150",
"versionStartIncluding": "4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.80",
"versionStartIncluding": "4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.19",
"versionStartIncluding": "4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.7",
"versionStartIncluding": "4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8",
"versionStartIncluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: edma: Add some null pointer checks to the edma_probe\n\ndevm_kasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:03:51.362Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/c432094aa7c9970f2fa10d2305d550d3810657ce"
},
{
"url": "https://git.kernel.org/stable/c/4fe4e5adc7d29d214c59b59f61db73dec505ca3d"
},
{
"url": "https://git.kernel.org/stable/c/9d508c897153ae8dd79303f7f035f078139f6b49"
},
{
"url": "https://git.kernel.org/stable/c/7b24760f3a3c7ae1a176d343136b6c25174b7b27"
},
{
"url": "https://git.kernel.org/stable/c/f2a5e30d1e9a629de6179fa23923a318d5feb29e"
},
{
"url": "https://git.kernel.org/stable/c/6e2276203ac9ff10fc76917ec9813c660f627369"
}
],
"title": "dmaengine: ti: edma: Add some null pointer checks to the edma_probe",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26771",
"datePublished": "2024-04-03T17:00:57.918Z",
"dateReserved": "2024-02-19T14:20:24.175Z",
"dateUpdated": "2026-05-11T20:03:51.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-26772 (GCVE-0-2024-26772)
Vulnerability from cvelistv5 – Published: 2024-04-03 17:00 – Updated: 2026-05-11 20:03
VLAI
EPSS
Title
ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()
Summary
In the Linux kernel, the following vulnerability has been resolved:
ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()
Places the logic for checking if the group's block bitmap is corrupt under
the protection of the group lock to avoid allocating blocks from the group
with a corrupted block bitmap.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
10 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43
(git)
Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 6b92b1bc16d691c95b152c6dbf027ad64315668d (git) Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < ffeb72a80a82aba59a6774b0611f792e0ed3b0b7 (git) Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 8de8305a25bfda607fc13475ebe84b978c96d7ff (git) Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < d639102f4cbd4cb65d1225dba3b9265596aab586 (git) Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < d3bbe77a76bc52e9d4d0a120f1509be36e25c916 (git) Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 21dbe20589c7f48e9c5d336ce6402bcebfa6d76a (git) Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 832698373a25950942c04a512daa652c18a9b513 (git) |
|
| Linux | Linux |
Affected:
3.12
Unaffected: 0 , < 3.12 (semver) Unaffected: 4.19.308 , ≤ 4.19.* (semver) Unaffected: 5.4.270 , ≤ 5.4.* (semver) Unaffected: 5.10.211 , ≤ 5.10.* (semver) Unaffected: 5.15.150 , ≤ 5.15.* (semver) Unaffected: 6.1.80 , ≤ 6.1.* (semver) Unaffected: 6.6.19 , ≤ 6.6.* (semver) Unaffected: 6.7.7 , ≤ 6.7.* (semver) Unaffected: 6.8 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-26772",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-03T19:16:02.816411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T15:30:43.236Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:14:13.428Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6b92b1bc16d691c95b152c6dbf027ad64315668d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ffeb72a80a82aba59a6774b0611f792e0ed3b0b7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8de8305a25bfda607fc13475ebe84b978c96d7ff"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d639102f4cbd4cb65d1225dba3b9265596aab586"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d3bbe77a76bc52e9d4d0a120f1509be36e25c916"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/21dbe20589c7f48e9c5d336ce6402bcebfa6d76a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/832698373a25950942c04a512daa652c18a9b513"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/ext4/mballoc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
},
{
"lessThan": "6b92b1bc16d691c95b152c6dbf027ad64315668d",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
},
{
"lessThan": "ffeb72a80a82aba59a6774b0611f792e0ed3b0b7",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
},
{
"lessThan": "8de8305a25bfda607fc13475ebe84b978c96d7ff",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
},
{
"lessThan": "d639102f4cbd4cb65d1225dba3b9265596aab586",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
},
{
"lessThan": "d3bbe77a76bc52e9d4d0a120f1509be36e25c916",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
},
{
"lessThan": "21dbe20589c7f48e9c5d336ce6402bcebfa6d76a",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
},
{
"lessThan": "832698373a25950942c04a512daa652c18a9b513",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/ext4/mballoc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.12"
},
{
"lessThan": "3.12",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.308",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.270",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.211",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.150",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.80",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.308",
"versionStartIncluding": "3.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.270",
"versionStartIncluding": "3.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.211",
"versionStartIncluding": "3.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.150",
"versionStartIncluding": "3.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.80",
"versionStartIncluding": "3.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.19",
"versionStartIncluding": "3.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.7",
"versionStartIncluding": "3.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8",
"versionStartIncluding": "3.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\n\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\nthe protection of the group lock to avoid allocating blocks from the group\nwith a corrupted block bitmap."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:03:52.628Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43"
},
{
"url": "https://git.kernel.org/stable/c/6b92b1bc16d691c95b152c6dbf027ad64315668d"
},
{
"url": "https://git.kernel.org/stable/c/ffeb72a80a82aba59a6774b0611f792e0ed3b0b7"
},
{
"url": "https://git.kernel.org/stable/c/8de8305a25bfda607fc13475ebe84b978c96d7ff"
},
{
"url": "https://git.kernel.org/stable/c/d639102f4cbd4cb65d1225dba3b9265596aab586"
},
{
"url": "https://git.kernel.org/stable/c/d3bbe77a76bc52e9d4d0a120f1509be36e25c916"
},
{
"url": "https://git.kernel.org/stable/c/21dbe20589c7f48e9c5d336ce6402bcebfa6d76a"
},
{
"url": "https://git.kernel.org/stable/c/832698373a25950942c04a512daa652c18a9b513"
}
],
"title": "ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26772",
"datePublished": "2024-04-03T17:00:58.733Z",
"dateReserved": "2024-02-19T14:20:24.176Z",
"dateUpdated": "2026-05-11T20:03:52.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-26773 (GCVE-0-2024-26773)
Vulnerability from cvelistv5 – Published: 2024-04-03 17:00 – Updated: 2026-05-11 20:03
VLAI
EPSS
Title
ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()
Summary
In the Linux kernel, the following vulnerability has been resolved:
ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()
Determine if the group block bitmap is corrupted before using ac_b_ex in
ext4_mb_try_best_found() to avoid allocating blocks from a group with a
corrupted block bitmap in the following concurrency and making the
situation worse.
ext4_mb_regular_allocator
ext4_lock_group(sb, group)
ext4_mb_good_group
// check if the group bbitmap is corrupted
ext4_mb_complex_scan_group
// Scan group gets ac_b_ex but doesn't use it
ext4_unlock_group(sb, group)
ext4_mark_group_bitmap_corrupted(group)
// The block bitmap was corrupted during
// the group unlock gap.
ext4_mb_try_best_found
ext4_lock_group(ac->ac_sb, group)
ext4_mb_use_best_found
mb_mark_used
// Allocating blocks in block bitmap corrupted group
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
10 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 21f8cfe79f776287459343e9cfa6055af61328ea
(git)
Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 260fc96283c0f594de18a1b045faf6d8fb42874d (git) Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 927794a02169778c9c2e7b25c768ab3ea8c1dc03 (git) Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 4c21fa60a6f4606f6214a38f50612b17b2f738f5 (git) Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < f97e75fa4e12b0aa0224e83fcbda8853ac2adf36 (git) Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 0184747b552d6b5a14db3b7fcc3b792ce64dedd1 (git) Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < a2576ae9a35c078e488f2c573e9e6821d651fbbe (git) Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 4530b3660d396a646aad91a787b6ab37cf604b53 (git) |
|
| Linux | Linux |
Affected:
3.12
Unaffected: 0 , < 3.12 (semver) Unaffected: 4.19.308 , ≤ 4.19.* (semver) Unaffected: 5.4.270 , ≤ 5.4.* (semver) Unaffected: 5.10.211 , ≤ 5.10.* (semver) Unaffected: 5.15.150 , ≤ 5.15.* (semver) Unaffected: 6.1.80 , ≤ 6.1.* (semver) Unaffected: 6.6.19 , ≤ 6.6.* (semver) Unaffected: 6.7.7 , ≤ 6.7.* (semver) Unaffected: 6.8 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26773",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-03T18:50:26.209110Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:49:10.181Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:14:13.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/21f8cfe79f776287459343e9cfa6055af61328ea"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/260fc96283c0f594de18a1b045faf6d8fb42874d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/927794a02169778c9c2e7b25c768ab3ea8c1dc03"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4c21fa60a6f4606f6214a38f50612b17b2f738f5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f97e75fa4e12b0aa0224e83fcbda8853ac2adf36"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0184747b552d6b5a14db3b7fcc3b792ce64dedd1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a2576ae9a35c078e488f2c573e9e6821d651fbbe"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4530b3660d396a646aad91a787b6ab37cf604b53"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/ext4/mballoc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "21f8cfe79f776287459343e9cfa6055af61328ea",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
},
{
"lessThan": "260fc96283c0f594de18a1b045faf6d8fb42874d",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
},
{
"lessThan": "927794a02169778c9c2e7b25c768ab3ea8c1dc03",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
},
{
"lessThan": "4c21fa60a6f4606f6214a38f50612b17b2f738f5",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
},
{
"lessThan": "f97e75fa4e12b0aa0224e83fcbda8853ac2adf36",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
},
{
"lessThan": "0184747b552d6b5a14db3b7fcc3b792ce64dedd1",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
},
{
"lessThan": "a2576ae9a35c078e488f2c573e9e6821d651fbbe",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
},
{
"lessThan": "4530b3660d396a646aad91a787b6ab37cf604b53",
"status": "affected",
"version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/ext4/mballoc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.12"
},
{
"lessThan": "3.12",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.308",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.270",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.211",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.150",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.80",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.308",
"versionStartIncluding": "3.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.270",
"versionStartIncluding": "3.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.211",
"versionStartIncluding": "3.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.150",
"versionStartIncluding": "3.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.80",
"versionStartIncluding": "3.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.19",
"versionStartIncluding": "3.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.7",
"versionStartIncluding": "3.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8",
"versionStartIncluding": "3.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()\n\nDetermine if the group block bitmap is corrupted before using ac_b_ex in\next4_mb_try_best_found() to avoid allocating blocks from a group with a\ncorrupted block bitmap in the following concurrency and making the\nsituation worse.\n\next4_mb_regular_allocator\n ext4_lock_group(sb, group)\n ext4_mb_good_group\n // check if the group bbitmap is corrupted\n ext4_mb_complex_scan_group\n // Scan group gets ac_b_ex but doesn\u0027t use it\n ext4_unlock_group(sb, group)\n ext4_mark_group_bitmap_corrupted(group)\n // The block bitmap was corrupted during\n // the group unlock gap.\n ext4_mb_try_best_found\n ext4_lock_group(ac-\u003eac_sb, group)\n ext4_mb_use_best_found\n mb_mark_used\n // Allocating blocks in block bitmap corrupted group"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:03:53.890Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/21f8cfe79f776287459343e9cfa6055af61328ea"
},
{
"url": "https://git.kernel.org/stable/c/260fc96283c0f594de18a1b045faf6d8fb42874d"
},
{
"url": "https://git.kernel.org/stable/c/927794a02169778c9c2e7b25c768ab3ea8c1dc03"
},
{
"url": "https://git.kernel.org/stable/c/4c21fa60a6f4606f6214a38f50612b17b2f738f5"
},
{
"url": "https://git.kernel.org/stable/c/f97e75fa4e12b0aa0224e83fcbda8853ac2adf36"
},
{
"url": "https://git.kernel.org/stable/c/0184747b552d6b5a14db3b7fcc3b792ce64dedd1"
},
{
"url": "https://git.kernel.org/stable/c/a2576ae9a35c078e488f2c573e9e6821d651fbbe"
},
{
"url": "https://git.kernel.org/stable/c/4530b3660d396a646aad91a787b6ab37cf604b53"
}
],
"title": "ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26773",
"datePublished": "2024-04-03T17:00:59.757Z",
"dateReserved": "2024-02-19T14:20:24.176Z",
"dateUpdated": "2026-05-11T20:03:53.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-26774 (GCVE-0-2024-26774)
Vulnerability from cvelistv5 – Published: 2024-04-03 17:01 – Updated: 2026-05-23 15:37
VLAI
EPSS
Title
ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt
Summary
In the Linux kernel, the following vulnerability has been resolved:
ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt
Determine if bb_fragments is 0 instead of determining bb_free to eliminate
the risk of dividing by zero when the block bitmap is corrupted.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
83e80a6e3543f37f74c8e48a5f305b054b65ce2a , < 8b40eb2e716b503f7a4e1090815a17b1341b2150
(git)
Affected: 83e80a6e3543f37f74c8e48a5f305b054b65ce2a , < f32d2a745b02123258026e105a008f474f896d6a (git) Affected: 83e80a6e3543f37f74c8e48a5f305b054b65ce2a , < 8cf9cc602cfb40085967c0d140e32691c8b71cf3 (git) Affected: 83e80a6e3543f37f74c8e48a5f305b054b65ce2a , < 993bf0f4c393b3667830918f9247438a8f6fdb5b (git) Affected: 398a0fdb38d9ab5e68023667cc5e6e3d109e2d6b (git) Affected: 5.19.12 , < 5.20 (semver) |
|
| Linux | Linux |
Affected:
6.0
Unaffected: 0 , < 6.0 (semver) Unaffected: 6.1.80 , ≤ 6.1.* (semver) Unaffected: 6.6.19 , ≤ 6.6.* (semver) Unaffected: 6.7.7 , ≤ 6.7.* (semver) Unaffected: 6.8 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:14:13.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/687061cfaa2ac3095170e136dd9c29a4974f41d4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8b40eb2e716b503f7a4e1090815a17b1341b2150"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f32d2a745b02123258026e105a008f474f896d6a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8cf9cc602cfb40085967c0d140e32691c8b71cf3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/993bf0f4c393b3667830918f9247438a8f6fdb5b"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26774",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:51:21.311447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:33:10.554Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/ext4/mballoc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8b40eb2e716b503f7a4e1090815a17b1341b2150",
"status": "affected",
"version": "83e80a6e3543f37f74c8e48a5f305b054b65ce2a",
"versionType": "git"
},
{
"lessThan": "f32d2a745b02123258026e105a008f474f896d6a",
"status": "affected",
"version": "83e80a6e3543f37f74c8e48a5f305b054b65ce2a",
"versionType": "git"
},
{
"lessThan": "8cf9cc602cfb40085967c0d140e32691c8b71cf3",
"status": "affected",
"version": "83e80a6e3543f37f74c8e48a5f305b054b65ce2a",
"versionType": "git"
},
{
"lessThan": "993bf0f4c393b3667830918f9247438a8f6fdb5b",
"status": "affected",
"version": "83e80a6e3543f37f74c8e48a5f305b054b65ce2a",
"versionType": "git"
},
{
"status": "affected",
"version": "398a0fdb38d9ab5e68023667cc5e6e3d109e2d6b",
"versionType": "git"
},
{
"lessThan": "5.20",
"status": "affected",
"version": "5.19.12",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/ext4/mballoc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"lessThan": "6.0",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.80",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.80",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.19",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.7",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.19.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt\n\nDetermine if bb_fragments is 0 instead of determining bb_free to eliminate\nthe risk of dividing by zero when the block bitmap is corrupted."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T15:37:50.437Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8b40eb2e716b503f7a4e1090815a17b1341b2150"
},
{
"url": "https://git.kernel.org/stable/c/f32d2a745b02123258026e105a008f474f896d6a"
},
{
"url": "https://git.kernel.org/stable/c/8cf9cc602cfb40085967c0d140e32691c8b71cf3"
},
{
"url": "https://git.kernel.org/stable/c/993bf0f4c393b3667830918f9247438a8f6fdb5b"
}
],
"title": "ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26774",
"datePublished": "2024-04-03T17:01:00.618Z",
"dateReserved": "2024-02-19T14:20:24.176Z",
"dateUpdated": "2026-05-23T15:37:50.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-26775 (GCVE-0-2024-26775)
Vulnerability from cvelistv5 – Published: 2024-04-03 17:01 – Updated: 2026-05-11 20:03
VLAI
EPSS
Title
aoe: avoid potential deadlock at set_capacity
Summary
In the Linux kernel, the following vulnerability has been resolved:
aoe: avoid potential deadlock at set_capacity
Move set_capacity() outside of the section procected by (&d->lock).
To avoid possible interrupt unsafe locking scenario:
CPU0 CPU1
---- ----
[1] lock(&bdev->bd_size_lock);
local_irq_disable();
[2] lock(&d->lock);
[3] lock(&bdev->bd_size_lock);
<Interrupt>
[4] lock(&d->lock);
*** DEADLOCK ***
Where [1](&bdev->bd_size_lock) hold by zram_add()->set_capacity().
[2]lock(&d->lock) hold by aoeblk_gdalloc(). And aoeblk_gdalloc()
is trying to acquire [3](&bdev->bd_size_lock) at set_capacity() call.
In this situation an attempt to acquire [4]lock(&d->lock) from
aoecmd_cfg_rsp() will lead to deadlock.
So the simplest solution is breaking lock dependency
[2](&d->lock) -> [3](&bdev->bd_size_lock) by moving set_capacity()
outside.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
a782483cc1f875355690625d8253a232f2581418 , < 2499fa286fb010ceb289950050199f33c26667b9
(git)
Affected: a782483cc1f875355690625d8253a232f2581418 , < 2d623c94fbba3554f4446ba6f3c764994e8b0d26 (git) Affected: a782483cc1f875355690625d8253a232f2581418 , < 673629018ba04906899dcb631beec34d871f709c (git) Affected: a782483cc1f875355690625d8253a232f2581418 , < 19a77b27163820f793b4d022979ffdca8f659b77 (git) Affected: a782483cc1f875355690625d8253a232f2581418 , < e169bd4fb2b36c4b2bee63c35c740c85daeb2e86 (git) |
|
| Linux | Linux |
Affected:
5.11
Unaffected: 0 , < 5.11 (semver) Unaffected: 5.15.189 , ≤ 5.15.* (semver) Unaffected: 6.1.80 , ≤ 6.1.* (semver) Unaffected: 6.6.19 , ≤ 6.6.* (semver) Unaffected: 6.7.7 , ≤ 6.7.* (semver) Unaffected: 6.8 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:14:13.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2d623c94fbba3554f4446ba6f3c764994e8b0d26"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/673629018ba04906899dcb631beec34d871f709c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/19a77b27163820f793b4d022979ffdca8f659b77"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e169bd4fb2b36c4b2bee63c35c740c85daeb2e86"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26775",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:51:17.891108Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:33:55.155Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/block/aoe/aoeblk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "2499fa286fb010ceb289950050199f33c26667b9",
"status": "affected",
"version": "a782483cc1f875355690625d8253a232f2581418",
"versionType": "git"
},
{
"lessThan": "2d623c94fbba3554f4446ba6f3c764994e8b0d26",
"status": "affected",
"version": "a782483cc1f875355690625d8253a232f2581418",
"versionType": "git"
},
{
"lessThan": "673629018ba04906899dcb631beec34d871f709c",
"status": "affected",
"version": "a782483cc1f875355690625d8253a232f2581418",
"versionType": "git"
},
{
"lessThan": "19a77b27163820f793b4d022979ffdca8f659b77",
"status": "affected",
"version": "a782483cc1f875355690625d8253a232f2581418",
"versionType": "git"
},
{
"lessThan": "e169bd4fb2b36c4b2bee63c35c740c85daeb2e86",
"status": "affected",
"version": "a782483cc1f875355690625d8253a232f2581418",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/block/aoe/aoeblk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.11"
},
{
"lessThan": "5.11",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.189",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.80",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.189",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.80",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.19",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.7",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8",
"versionStartIncluding": "5.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: avoid potential deadlock at set_capacity\n\nMove set_capacity() outside of the section procected by (\u0026d-\u003elock).\nTo avoid possible interrupt unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n[1] lock(\u0026bdev-\u003ebd_size_lock);\n local_irq_disable();\n [2] lock(\u0026d-\u003elock);\n [3] lock(\u0026bdev-\u003ebd_size_lock);\n \u003cInterrupt\u003e\n[4] lock(\u0026d-\u003elock);\n\n *** DEADLOCK ***\n\nWhere [1](\u0026bdev-\u003ebd_size_lock) hold by zram_add()-\u003eset_capacity().\n[2]lock(\u0026d-\u003elock) hold by aoeblk_gdalloc(). And aoeblk_gdalloc()\nis trying to acquire [3](\u0026bdev-\u003ebd_size_lock) at set_capacity() call.\nIn this situation an attempt to acquire [4]lock(\u0026d-\u003elock) from\naoecmd_cfg_rsp() will lead to deadlock.\n\nSo the simplest solution is breaking lock dependency\n[2](\u0026d-\u003elock) -\u003e [3](\u0026bdev-\u003ebd_size_lock) by moving set_capacity()\noutside."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:03:56.208Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2499fa286fb010ceb289950050199f33c26667b9"
},
{
"url": "https://git.kernel.org/stable/c/2d623c94fbba3554f4446ba6f3c764994e8b0d26"
},
{
"url": "https://git.kernel.org/stable/c/673629018ba04906899dcb631beec34d871f709c"
},
{
"url": "https://git.kernel.org/stable/c/19a77b27163820f793b4d022979ffdca8f659b77"
},
{
"url": "https://git.kernel.org/stable/c/e169bd4fb2b36c4b2bee63c35c740c85daeb2e86"
}
],
"title": "aoe: avoid potential deadlock at set_capacity",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26775",
"datePublished": "2024-04-03T17:01:01.299Z",
"dateReserved": "2024-02-19T14:20:24.176Z",
"dateUpdated": "2026-05-11T20:03:56.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-26776 (GCVE-0-2024-26776)
Vulnerability from cvelistv5 – Published: 2024-04-03 17:01 – Updated: 2026-05-11 20:03
VLAI
EPSS
Title
spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected
Summary
In the Linux kernel, the following vulnerability has been resolved:
spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected
Return IRQ_NONE from the interrupt handler when no interrupt was
detected. Because an empty interrupt will cause a null pointer error:
Unable to handle kernel NULL pointer dereference at virtual
address 0000000000000008
Call trace:
complete+0x54/0x100
hisi_sfc_v3xx_isr+0x2c/0x40 [spi_hisi_sfc_v3xx]
__handle_irq_event_percpu+0x64/0x1e0
handle_irq_event+0x7c/0x1cc
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
7 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
a2ca53b52e007de81752bbb443d828f5950d6d04 , < e94da8aca2e78ef9ecca02eb211869eacd5504e5
(git)
Affected: a2ca53b52e007de81752bbb443d828f5950d6d04 , < 0399d7eba41d9b28f5bdd7757ec21a5b7046858d (git) Affected: a2ca53b52e007de81752bbb443d828f5950d6d04 , < f19361d570c67e7e014896fa2dacd7d721bf0aa8 (git) Affected: a2ca53b52e007de81752bbb443d828f5950d6d04 , < d637b5118274701e8448f35953877daf04df18b4 (git) Affected: a2ca53b52e007de81752bbb443d828f5950d6d04 , < e4168ac25b4bd378bd7dda322d589482a136c1fd (git) Affected: a2ca53b52e007de81752bbb443d828f5950d6d04 , < de8b6e1c231a95abf95ad097b993d34b31458ec9 (git) |
|
| Linux | Linux |
Affected:
5.6
Unaffected: 0 , < 5.6 (semver) Unaffected: 5.10.211 , ≤ 5.10.* (semver) Unaffected: 5.15.150 , ≤ 5.15.* (semver) Unaffected: 6.1.80 , ≤ 6.1.* (semver) Unaffected: 6.6.19 , ≤ 6.6.* (semver) Unaffected: 6.7.7 , ≤ 6.7.* (semver) Unaffected: 6.8 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:14:13.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e94da8aca2e78ef9ecca02eb211869eacd5504e5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0399d7eba41d9b28f5bdd7757ec21a5b7046858d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f19361d570c67e7e014896fa2dacd7d721bf0aa8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d637b5118274701e8448f35953877daf04df18b4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e4168ac25b4bd378bd7dda322d589482a136c1fd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/de8b6e1c231a95abf95ad097b993d34b31458ec9"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:51:14.790934Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:33:54.556Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/spi/spi-hisi-sfc-v3xx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e94da8aca2e78ef9ecca02eb211869eacd5504e5",
"status": "affected",
"version": "a2ca53b52e007de81752bbb443d828f5950d6d04",
"versionType": "git"
},
{
"lessThan": "0399d7eba41d9b28f5bdd7757ec21a5b7046858d",
"status": "affected",
"version": "a2ca53b52e007de81752bbb443d828f5950d6d04",
"versionType": "git"
},
{
"lessThan": "f19361d570c67e7e014896fa2dacd7d721bf0aa8",
"status": "affected",
"version": "a2ca53b52e007de81752bbb443d828f5950d6d04",
"versionType": "git"
},
{
"lessThan": "d637b5118274701e8448f35953877daf04df18b4",
"status": "affected",
"version": "a2ca53b52e007de81752bbb443d828f5950d6d04",
"versionType": "git"
},
{
"lessThan": "e4168ac25b4bd378bd7dda322d589482a136c1fd",
"status": "affected",
"version": "a2ca53b52e007de81752bbb443d828f5950d6d04",
"versionType": "git"
},
{
"lessThan": "de8b6e1c231a95abf95ad097b993d34b31458ec9",
"status": "affected",
"version": "a2ca53b52e007de81752bbb443d828f5950d6d04",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/spi/spi-hisi-sfc-v3xx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.211",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.150",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.80",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.211",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.150",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.80",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.19",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.7",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8",
"versionStartIncluding": "5.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected\n\nReturn IRQ_NONE from the interrupt handler when no interrupt was\ndetected. Because an empty interrupt will cause a null pointer error:\n\n Unable to handle kernel NULL pointer dereference at virtual\n address 0000000000000008\n Call trace:\n complete+0x54/0x100\n hisi_sfc_v3xx_isr+0x2c/0x40 [spi_hisi_sfc_v3xx]\n __handle_irq_event_percpu+0x64/0x1e0\n handle_irq_event+0x7c/0x1cc"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:03:57.340Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e94da8aca2e78ef9ecca02eb211869eacd5504e5"
},
{
"url": "https://git.kernel.org/stable/c/0399d7eba41d9b28f5bdd7757ec21a5b7046858d"
},
{
"url": "https://git.kernel.org/stable/c/f19361d570c67e7e014896fa2dacd7d721bf0aa8"
},
{
"url": "https://git.kernel.org/stable/c/d637b5118274701e8448f35953877daf04df18b4"
},
{
"url": "https://git.kernel.org/stable/c/e4168ac25b4bd378bd7dda322d589482a136c1fd"
},
{
"url": "https://git.kernel.org/stable/c/de8b6e1c231a95abf95ad097b993d34b31458ec9"
}
],
"title": "spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26776",
"datePublished": "2024-04-03T17:01:02.116Z",
"dateReserved": "2024-02-19T14:20:24.177Z",
"dateUpdated": "2026-05-11T20:03:57.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…