CVE-2024-53131— nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint
Affected Version Matrix 18
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 5305cb830834549b9203ad4d009ad5483c5e293f< 085556bf8c70e2629e02e79268dac3016a08b8bf | affected |
5305cb830834549b9203ad4d009ad5483c5e293f< 6438f3f42cda825f6f59b4e45ac3a1da28a6f2c9 | affected | ||
5305cb830834549b9203ad4d009ad5483c5e293f< b017697a517f8779ada4e8ce1c2c75dbf60a2636 | affected | ||
5305cb830834549b9203ad4d009ad5483c5e293f< 19c71cdd77973f99a9adc3190130bc3aa7ae5423 | affected | ||
5305cb830834549b9203ad4d009ad5483c5e293f< 3b2a4fd9bbee77afdd3ed5a05a0c02b6cde8d3b9 | affected | ||
5305cb830834549b9203ad4d009ad5483c5e293f< 59b49ca67cca7b007a5afd3de0283c8008157665 | affected | ||
5305cb830834549b9203ad4d009ad5483c5e293f< 77e47f89d32c2d72eb33d0becbce7abe14d061f4 | affected | ||
5305cb830834549b9203ad4d009ad5483c5e293f< cd45e963e44b0f10d90b9e6c0e8b4f47f3c92471 | affected | ||
| … +10 more rows | |||
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-53131
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint Patch series "nilfs2: fix null-ptr-deref bugs on block tracepoints". This series fixes null pointer dereference bugs that occur when using nilfs2 and two block-related tracepoints. This patch (of 2): It has been reported that when using "block:block_touch_buffer" tracepoint, touch_buffer() called from __nilfs_get_folio_block() causes a NULL pointer dereference, or a general protection fault when KASAN is enabled. This happens because since the tracepoint was added in touch_buffer(), it references the dev_t member bh->b_bdev->bd_dev regardless of whether the buffer head has a pointer to a block_device structure. In the current implementation, the block_device structure is set after the function returns to the caller. Here, touch_buffer() is used to mark the folio/page that owns the buffer head as accessed, but the common search helper for folio/page used by the caller function was optimized to mark the folio/page as accessed when it was reimplemented a long time ago, eliminating the need to call touch_buffer() here in the first place. So this solves the issue by eliminating the touch_buffer() call itself.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于nilfs2文件系统中在使用block_touch_buffer tracepoint时可能导致的空指针解引用问题。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2024-53131
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-53131
请登录查看更多情报信息。
Patches & Fixes for CVE-2024-53131 (8)
Same Patch Batch · Linux · 2024-12-04 · 16 CVEs total
| CVE-2024-53125 | bpf: sync_linked_regs() must preserve subreg_def | |
| CVE-2024-53126 | vdpa: solidrun: Fix UB bug with devres | |
| CVE-2024-53127 | Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" | |
| CVE-2024-53128 | sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers | |
| CVE-2024-53129 | drm/rockchip: vop: Fix a dereferenced before check warning | |
| CVE-2024-53130 | nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint | |
| CVE-2024-53132 | drm/xe/oa: Fix "Missing outer runtime PM protection" warning | |
| CVE-2024-53133 | drm/amd/display: Handle dml allocation failure to avoid crash | |
| CVE-2024-53134 | pmdomain: imx93-blk-ctrl: correct remove path | |
| CVE-2024-53135 | KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN | |
| CVE-2024-53136 | mm: revert "mm: shmem: fix data-race in shmem_getattr()" | |
| CVE-2024-53138 | net/mlx5e: kTLS, Fix incorrect page refcounting | |
| CVE-2024-53137 | ARM: fix cacheflush with PAN | |
| CVE-2024-53139 | sctp: fix possible UAF in sctp_v6_available() | |
| CVE-2024-53140 | netlink: terminate outstanding dump on socket close |
IV. Related Vulnerabilities
Same product: Linux
- CVE-2026-46241
spi: mpc52xx: fix use-after-free on registration failure - CVE-2026-46239
media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl - CVE-2026-46240
media: iris: Fix use-after-free in iris_release_internal_buf - CVE-2026-46238
batman-adv: stop caching unowned originator pointers in BAT - CVE-2026-46237
drm/amdgpu/vcn3: Avoid overflow on msg bound check
Same vendor: Linux
- CVE-2026-46241
spi: mpc52xx: fix use-after-free on registration failure - CVE-2026-46239
media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl - CVE-2026-46240
media: iris: Fix use-after-free in iris_release_internal_buf - CVE-2026-46238
batman-adv: stop caching unowned originator pointers in BAT - CVE-2026-46237
drm/amdgpu/vcn3: Avoid overflow on msg bound check
V. Comments for CVE-2024-53131
No comments yet