CVE-2024-39470— eventfs: Fix a possible null pointer dereference in eventfs_find_events()

AI Predicted 4.4 Difficulty: Moderate EPSS 0.04% · P13 Updated May 24, 2026

Affected Version Matrix 11

Vendor	Product	Version Range	Status
Linux	Linux	`628adb842bd5e1c2c598534a7a022b8235289de6< 5ade5fbdbbb1f023bb70730ba4d74146c8bc7eb9`	affected
		`8186fff7ab649085e2c60d032d9a20a85af1d87c< 7a1b2d138189375ed1dcd7d0851118230221bd1d`	affected
		`8186fff7ab649085e2c60d032d9a20a85af1d87c< d4e9a968738bf66d3bb852dd5588d4c7afd6d7f4`	affected
		`9c2ac5e0ea7899411fd900d4681890722a020735`	affected
		`6.6.18< 6.6.34`	affected
		`6.7.4< 6.8`	affected
		`6.8`	affected
		`< 6.8`	unaffected
… +3 more rows

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-39470

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

eventfs: Fix a possible null pointer dereference in eventfs_find_events()

Source: NVD (National Vulnerability Database)

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: eventfs: Fix a possible null pointer dereference in eventfs_find_events() In function eventfs_find_events,there is a potential null pointer that may be caused by calling update_events_attr which will perform some operations on the members of the ei struct when ei is NULL. Hence,When ei->is_freed is set,return NULL directly.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于空指针取消引用。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Linux	Linux	628adb842bd5e1c2c598534a7a022b8235289de6 ~ 5ade5fbdbbb1f023bb70730ba4d74146c8bc7eb9	-
Linux	Linux	6.8	-

II. Public POCs for CVE-2024-39470

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-39470

请登录查看更多情报信息。

Other References for CVE-2024-39470 (3)

https://nvd.nist.gov/vuln/detail/CVE-2024-39470

Same Patch Batch · Linux · 2024-06-25 · 24 CVEs total

CVE-2024-39301		net/9p: fix uninit-value in p9_client_rpc()
CVE-2024-39471		drm/amdgpu: add error handle to avoid out-of-bounds
CVE-2024-39469		nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors
CVE-2024-39468		smb: client: fix deadlock in smb2_find_smb_tcon()
CVE-2024-39467		f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode()
CVE-2024-39466		thermal/drivers/qcom/lmh: Check for SCM availability at probe
CVE-2024-39464		media: v4l: async: Fix notifier list entry init
CVE-2024-39465		media: mgb4: Fix double debugfs remove
CVE-2024-39463		9p: add missing locking around taking dentry fid list
CVE-2024-39462		clk: bcm: dvp: Assign ->num before accessing ->hws
CVE-2024-39461		clk: bcm: rpi: Assign ->num before accessing ->hws
CVE-2024-39371		io_uring: check for non-NULL file pointer in io_file_can_poll()
CVE-2021-4440		x86/xen: Drop USERGS_SYSRET64 paravirt call
CVE-2024-39298		mm/memory-failure: fix handling of dissolved but not taken off from buddy pages
CVE-2024-39296		bonding: fix oops during rmmod
CVE-2024-39293		Revert "xsk: Support redirect to any socket bound to the same umem"
CVE-2024-39276		ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find()
CVE-2024-38661		s390/ap: Fix crash in AP internal function modify_bitmap()
CVE-2024-38385		genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after()
CVE-2024-38306		btrfs: protect folio::private when attaching extent buffer folios

Showing top 20 of 24 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux

Same vendor: Linux

V. Comments for CVE-2024-39470

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-39470— eventfs: Fix a possible null pointer dereference in eventfs_find_events()

Affected Version Matrix 11

I. Basic Information for CVE-2024-39470

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-39470

III. Intelligence Information for CVE-2024-39470

Other References for CVE-2024-39470 (3)

Same Patch Batch · Linux · 2024-06-25 · 24 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2024-39470

Leave a comment