Bug 2300517 (CVE-2024-42079) - CVE-2024-42079 kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush
Summary: CVE-2024-42079 kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush
Keywords:
Status: NEW
Alias: CVE-2024-42079
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2301716
Blocks:
Reported: 2024-07-29 16:28 UTC by OSIDB Bzimport
Modified: 2024-11-18 01:20 UTC (History)

Fixed In Version: kernel 6.6.37, kernel 6.9.8, kernel 6.10
Clone Of:
Environment:
Last Closed:
Embargoed:




Links
System | ID | Private | Priority | Status | Summary | Last Updated
Red Hat Product Errata | RHBA-2024:8165 | 0 | None | None | None | 2024-10-16 04:22:24 UTC
Red Hat Product Errata | RHBA-2024:8242 | 0 | None | None | None | 2024-10-17 12:41:01 UTC
Red Hat Product Errata | RHBA-2024:8412 | 0 | None | None | None | 2024-10-24 00:51:08 UTC
Red Hat Product Errata | RHBA-2024:8441 | 0 | None | None | None | 2024-10-24 10:11:22 UTC
Red Hat Product Errata | RHBA-2024:8578 | 0 | None | None | None | 2024-10-29 18:52:59 UTC
Red Hat Product Errata | RHBA-2024:9635 | 0 | None | None | None | 2024-11-14 10:00:07 UTC
Red Hat Product Errata | RHBA-2024:9811 | 0 | None | None | None | 2024-11-18 01:20:38 UTC
Red Hat Product Errata | RHSA-2024:8162 | 0 | None | None | None | 2024-10-16 00:51:52 UTC
Red Hat Product Errata | RHSA-2024:8856 | 0 | None | None | None | 2024-11-05 01:10:21 UTC
Red Hat Product Errata | RHSA-2024:8870 | 0 | None | None | None | 2024-11-05 00:50:05 UTC

Description OSIDB Bzimport 2024-07-29 16:28:52 UTC
In the Linux kernel, the following vulnerability has been resolved:

gfs2: Fix NULL pointer dereference in gfs2_log_flush

In gfs2_jindex_free(), set sdp->sd_jdesc to NULL under the log flush
lock to provide exclusion against gfs2_log_flush().

In gfs2_log_flush(), check if sdp->sd_jdesc is non-NULL before
dereferencing it.  Otherwise, we could run into a NULL pointer
dereference when outstanding glock work races with an unmount
(glock_work_func -> run_queue -> do_xmote -> inode_go_sync ->
gfs2_log_flush).
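
The locking pattern named in the description above, as an added user-space model; it is not the kernel patch or any code from the gfs2 project. A pthread mutex stands in for the log flush lock, and the model_* function names, the struct layouts and the writes field are hypothetical.

```c
#include <pthread.h>
#include <stdlib.h>
/* Constructed model: only sd_jdesc and the two function roles come from the advisory. */
struct jdesc { unsigned long writes; };
struct sbd {
    pthread_mutex_t flush_lock;  /* stands in for the log flush lock */
    struct jdesc *sd_jdesc;      /* journal descriptor, freed at unmount */
};

/* Flush path: test the pointer under the lock; returns 0 once the journal is gone. */
static int model_log_flush(struct sbd *sdp)
{
    pthread_mutex_lock(&sdp->flush_lock);
    int live = sdp->sd_jdesc != NULL;
    if (live)
        sdp->sd_jdesc->writes++;  /* the dereference the check protects */
    pthread_mutex_unlock(&sdp->flush_lock);
    return live;
}

/* Unmount path: clear the pointer under the same lock, free it afterwards. */
static void model_jindex_free(struct sbd *sdp)
{
    pthread_mutex_lock(&sdp->flush_lock);
    struct jdesc *jd = sdp->sd_jdesc;
    sdp->sd_jdesc = NULL;
    pthread_mutex_unlock(&sdp->flush_lock);
    free(jd);
}

/* Stand-in for outstanding glock work: flush until the journal disappears. */
static void *model_glock_work(void *arg)
{
    while (model_log_flush(arg)) { }
    return NULL;
}

/* Race the worker against unmount, then flush once more; 0 means it was skipped. */
static int race_unmount_against_flush(struct sbd *sdp)
{
    pthread_t worker;
    pthread_mutex_init(&sdp->flush_lock, NULL);
    sdp->sd_jdesc = calloc(1, sizeof(*sdp->sd_jdesc));
    int started = pthread_create(&worker, NULL, model_glock_work, sdp) == 0;
    model_jindex_free(sdp);
    if (started)
        pthread_join(worker, NULL);
    return model_log_flush(sdp);
}
int main(void) { struct sbd s; return race_unmount_against_flush(&s); }
```

Whichever thread takes the lock first, the flush path either sees a live descriptor or sees NULL and returns; it never touches freed memory.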

Comment 1 Mauro Matteo Cascella 2024-07-30 16:54:37 UTC
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024072955-CVE-2024-42079-a13c@gregkh/T

Comment 2 Mauro Matteo Cascella 2024-07-30 16:54:58 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2301716]

Comment 11 errata-xmlrpc 2024-10-16 00:51:51 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:8162 https://access.redhat.com/errata/RHSA-2024:8162

Comment 13 errata-xmlrpc 2024-11-05 00:50:04 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:8870 https://access.redhat.com/errata/RHSA-2024:8870

Comment 14 errata-xmlrpc 2024-11-05 01:10:20 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:8856 https://access.redhat.com/errata/RHSA-2024:8856

