FKIE_CVE-2024-41049

Vulnerability from fkie_nvd - Published: 2024-07-29 15:15 - Updated: 2026-06-17 07:47
Severity
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free in posix_lock_inode Light Hsieh reported a KASAN UAF warning in trace_posix_lock_inode(). The request pointer had been changed earlier to point to a lock entry that was added to the inode's list. However, before the tracepoint could fire, another task raced in and freed that lock. Fix this by moving the tracepoint inside the spinlock, which should ensure that this doesn't happen.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/02a8964260756c70b20393ad4006948510ac9967Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/116599f6a26906cf33f67975c59f0692ecf7e9b2Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1b3ec4f7c03d4b07bad70697d7e2f4088d2cfe92Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1cbbb3d9475c403ebedc327490c7c2b991398197Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/432b06b69d1d354a171f7499141116536579eb6aPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5cb36e35bc10ea334810937990c2b9023dacb1b0Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/7d4c14f4b511fd4c0dc788084ae59b4656ace58bPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/02a8964260756c70b20393ad4006948510ac9967Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/116599f6a26906cf33f67975c59f0692ecf7e9b2Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/1b3ec4f7c03d4b07bad70697d7e2f4088d2cfe92Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/1cbbb3d9475c403ebedc327490c7c2b991398197Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/432b06b69d1d354a171f7499141116536579eb6aPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/5cb36e35bc10ea334810937990c2b9023dacb1b0Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/7d4c14f4b511fd4c0dc788084ae59b4656ace58bPatch
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
To clipboard 

{
  "affected": [
    {
      "affectedData": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/locks.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1cbbb3d9475c403ebedc327490c7c2b991398197",
              "status": "affected",
              "version": "117fb80cd1e63c419c7a221ce070becb4bfc7b6d",
              "versionType": "git"
            },
            {
              "lessThan": "7d4c14f4b511fd4c0dc788084ae59b4656ace58b",
              "status": "affected",
              "version": "a6f4129378ca15f62cbdde09a7d3ccc35adcf49d",
              "versionType": "git"
            },
            {
              "lessThan": "02a8964260756c70b20393ad4006948510ac9967",
              "status": "affected",
              "version": "766e56faddbec2eaf70c9299e1c9ef74d846d32b",
              "versionType": "git"
            },
            {
              "lessThan": "5cb36e35bc10ea334810937990c2b9023dacb1b0",
              "status": "affected",
              "version": "34bff6d850019e00001129d6de3aa4874c2cf471",
              "versionType": "git"
            },
            {
              "lessThan": "432b06b69d1d354a171f7499141116536579eb6a",
              "status": "affected",
              "version": "74f6f5912693ce454384eaeec48705646a21c74f",
              "versionType": "git"
            },
            {
              "lessThan": "116599f6a26906cf33f67975c59f0692ecf7e9b2",
              "status": "affected",
              "version": "74f6f5912693ce454384eaeec48705646a21c74f",
              "versionType": "git"
            },
            {
              "lessThan": "1b3ec4f7c03d4b07bad70697d7e2f4088d2cfe92",
              "status": "affected",
              "version": "74f6f5912693ce454384eaeec48705646a21c74f",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "e75396988bb9b3b90e6e8690604d0f566cea403a",
              "versionType": "git"
            },
            {
              "lessThan": "5.4.280",
              "status": "affected",
              "version": "5.4.257",
              "versionType": "semver"
            },
            {
              "lessThan": "5.10.222",
              "status": "affected",
              "version": "5.10.197",
              "versionType": "semver"
            },
            {
              "lessThan": "5.15.163",
              "status": "affected",
              "version": "5.15.133",
              "versionType": "semver"
            },
            {
              "lessThan": "6.1.100",
              "status": "affected",
              "version": "6.1.55",
              "versionType": "semver"
            },
            {
              "lessThan": "6.6",
              "status": "affected",
              "version": "6.5.5",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/locks.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.6"
            },
            {
              "lessThan": "6.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.280",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.222",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.163",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.100",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.41",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DCFB8D1-0D8E-44C5-967B-66E3911236EC",
              "versionEndExcluding": "5.4.280",
              "versionStartIncluding": "5.4.257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C340713-6131-41D3-94DF-E067816266F9",
              "versionEndExcluding": "5.10.222",
              "versionStartIncluding": "5.10.197",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FFCFEB3-1EA2-4D09-9D90-0398470DBE18",
              "versionEndExcluding": "5.15.163",
              "versionStartIncluding": "5.15.133",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "135E2932-F618-47BC-9E27-2DF27F9831F1",
              "versionEndExcluding": "6.1.100",
              "versionStartIncluding": "6.1.55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBD7DB8F-6881-4008-B9ED-5588CD8061D9",
              "versionEndExcluding": "6.6.41",
              "versionStartIncluding": "6.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352",
              "versionEndExcluding": "6.9.10",
              "versionStartIncluding": "6.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfilelock: fix potential use-after-free in posix_lock_inode\n\nLight Hsieh reported a KASAN UAF warning in trace_posix_lock_inode().\nThe request pointer had been changed earlier to point to a lock entry\nthat was added to the inode\u0027s list. However, before the tracepoint could\nfire, another task raced in and freed that lock.\n\nFix this by moving the tracepoint inside the spinlock, which should\nensure that this doesn\u0027t happen."
    },
    {
      "lang": "es",
      "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: filelock: corrige el posible use after free en posix_lock_inode Light Hsieh inform\u00f3 una advertencia de KASAN UAF en trace_posix_lock_inode(). El puntero de solicitud se hab\u00eda cambiado anteriormente para apuntar a una entrada de bloqueo que se agreg\u00f3 a la lista del inodo. Sin embargo, antes de que el punto de rastreo pudiera activarse, otra tarea entr\u00f3 r\u00e1pidamente y liber\u00f3 ese bloqueo. Solucione este problema moviendo el punto de seguimiento dentro del spinlock, lo que deber\u00eda garantizar que esto no suceda."
    }
  ],
  "id": "CVE-2024-41049",
  "lastModified": "2026-06-17T07:47:10.080",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2024-41049",
          "options": [
            {
              "exploitation": "none"
            },
            {
              "automatable": "no"
            },
            {
              "technicalImpact": "partial"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2024-09-10T16:22:47.848280Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2024-07-29T15:15:13.177",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/02a8964260756c70b20393ad4006948510ac9967"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/116599f6a26906cf33f67975c59f0692ecf7e9b2"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1b3ec4f7c03d4b07bad70697d7e2f4088d2cfe92"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1cbbb3d9475c403ebedc327490c7c2b991398197"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/432b06b69d1d354a171f7499141116536579eb6a"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/5cb36e35bc10ea334810937990c2b9023dacb1b0"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/7d4c14f4b511fd4c0dc788084ae59b4656ace58b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/02a8964260756c70b20393ad4006948510ac9967"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/116599f6a26906cf33f67975c59f0692ecf7e9b2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1b3ec4f7c03d4b07bad70697d7e2f4088d2cfe92"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1cbbb3d9475c403ebedc327490c7c2b991398197"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/432b06b69d1d354a171f7499141116536579eb6a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/5cb36e35bc10ea334810937990c2b9023dacb1b0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/7d4c14f4b511fd4c0dc788084ae59b4656ace58b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.