CVE-2024-53130— nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint
Affected Version Matrix 18
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 5305cb830834549b9203ad4d009ad5483c5e293f< 7af3309c7a2ef26831a67125b11c34a7e01c1b2a | affected |
5305cb830834549b9203ad4d009ad5483c5e293f< 0ce59fb1c73fdd5b6028226aeb46259a0cdc0957 | affected | ||
5305cb830834549b9203ad4d009ad5483c5e293f< 0a5014ad37c77ac6a2c525137c00a0e1724f6020 | affected | ||
5305cb830834549b9203ad4d009ad5483c5e293f< d904e4d845aafbcfd8a40c1df7d999f02f062be8 | affected | ||
5305cb830834549b9203ad4d009ad5483c5e293f< 86b19031dbc79abc378dfae357f6ea33ebeb0c95 | affected | ||
5305cb830834549b9203ad4d009ad5483c5e293f< b0e4765740040c44039282057ecacd7435d1d2ba | affected | ||
5305cb830834549b9203ad4d009ad5483c5e293f< ffc440a76a0f476a7e6ea838ec0dc8e9979944d1 | affected | ||
5305cb830834549b9203ad4d009ad5483c5e293f< 2026559a6c4ce34db117d2db8f710fe2a9420d5a | affected | ||
| … +10 more rows | |||
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-53130
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint When using the "block:block_dirty_buffer" tracepoint, mark_buffer_dirty() may cause a NULL pointer dereference, or a general protection fault when KASAN is enabled. This happens because, since the tracepoint was added in mark_buffer_dirty(), it references the dev_t member bh->b_bdev->bd_dev regardless of whether the buffer head has a pointer to a block_device structure. In the current implementation, nilfs_grab_buffer(), which grabs a buffer to read (or create) a block of metadata, including b-tree node blocks, does not set the block device, but instead does so only if the buffer is not in the "uptodate" state for each of its caller block reading functions. However, if the uptodate flag is set on a folio/page, and the buffer heads are detached from it by try_to_free_buffers(), and new buffer heads are then attached by create_empty_buffers(), the uptodate flag may be restored to each buffer without the block device being set to bh->b_bdev, and mark_buffer_dirty() may be called later in that state, resulting in the bug mentioned above. Fix this issue by making nilfs_grab_buffer() always set the block device of the super block structure to the buffer head, regardless of the state of the buffer's uptodate flag.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于nilfs2文件系统中在使用block_dirty_buffer tracepoint时可能导致的空指针解引用问题。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2024-53130
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-53130
请登录查看更多情报信息。
Same Patch Batch · Linux · 2024-12-04 · 16 CVEs total
| CVE-2024-53125 | bpf: sync_linked_regs() must preserve subreg_def | |
| CVE-2024-53126 | vdpa: solidrun: Fix UB bug with devres | |
| CVE-2024-53127 | Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" | |
| CVE-2024-53128 | sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers | |
| CVE-2024-53129 | drm/rockchip: vop: Fix a dereferenced before check warning | |
| CVE-2024-53131 | nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint | |
| CVE-2024-53132 | drm/xe/oa: Fix "Missing outer runtime PM protection" warning | |
| CVE-2024-53133 | drm/amd/display: Handle dml allocation failure to avoid crash | |
| CVE-2024-53134 | pmdomain: imx93-blk-ctrl: correct remove path | |
| CVE-2024-53135 | KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN | |
| CVE-2024-53136 | mm: revert "mm: shmem: fix data-race in shmem_getattr()" | |
| CVE-2024-53138 | net/mlx5e: kTLS, Fix incorrect page refcounting | |
| CVE-2024-53137 | ARM: fix cacheflush with PAN | |
| CVE-2024-53139 | sctp: fix possible UAF in sctp_v6_available() | |
| CVE-2024-53140 | netlink: terminate outstanding dump on socket close |
IV. Related Vulnerabilities
Same product: Linux
- CVE-2026-46333
ptrace: slightly saner 'get_dumpable()' logic - CVE-2026-43490
ksmbd: validate inherited ACE SID length - CVE-2026-43489
liveupdate: luo_file: remember retrieve() status - CVE-2026-43487
ata: libata-core: Disable LPM on ST1000DM010-2EP102 - CVE-2026-43488
usb: xhci: Prevent interrupt storm on host controller error
Same vendor: Linux
- CVE-2026-46333
ptrace: slightly saner 'get_dumpable()' logic - CVE-2026-43490
ksmbd: validate inherited ACE SID length - CVE-2026-43489
liveupdate: luo_file: remember retrieve() status - CVE-2026-43487
ata: libata-core: Disable LPM on ST1000DM010-2EP102 - CVE-2026-43488
usb: xhci: Prevent interrupt storm on host controller error
V. Comments for CVE-2024-53130
No comments yet