CVE-2024-35904

Published: May 19, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount() fails and returns an error pointer return in the error branch instead of continuing and dereferencing the error pointer. While on it drop the never read static variable selinuxfs_mount.

Vendor	Product	Versions
Linux	Linux	affected `0619f0f5e36f12e100ef294f5980cfe7c93ff23e - < 477ed6789eb9f3f4d3568bb977f90c863c12724e` affected `0619f0f5e36f12e100ef294f5980cfe7c93ff23e - < 68784a5d01b8868ff85a7926676b6729715fff3c` affected `0619f0f5e36f12e100ef294f5980cfe7c93ff23e - < 37801a36b4d68892ce807264f784d818f8d0d39b`
Linux	Linux	affected `4.17` unaffected `0 - < 4.17` unaffected `6.6.26 - <= 6.6.` unaffected `6.8.5 - <= 6.8.` unaffected `6.9 - <= *`

References

https://git.kernel.org/stable/c/477ed6789eb9f3f4d3568bb977f90c863c12724e

https://git.kernel.org/stable/c/68784a5d01b8868ff85a7926676b6729715fff3c

https://git.kernel.org/stable/c/37801a36b4d68892ce807264f784d818f8d0d39b

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-35904

Description

Affected Products

References