CVE-2024-41075

Published: Jul 29, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added checks are listed below: * Generic, copen can only complete open requests, and cread can only complete read requests. * For copen, ondemand_id must not be 0, because this indicates that the request has not been read by the daemon. * For cread, the object corresponding to fd and req should be the same.

Vendor	Product	Versions
Linux	Linux	affected `9032b6e8589f269743984aac53e82e4835be16dc - < 3b744884c0431b5a62c92900e64bfd0ed61e8e2a` affected `9032b6e8589f269743984aac53e82e4835be16dc - < 36d845ccd7bf527110a65fe953886a176c209539` affected `9032b6e8589f269743984aac53e82e4835be16dc - < 8aaa6c5dd2940ab934d6cd296175f43dbb32b34a` affected `9032b6e8589f269743984aac53e82e4835be16dc - < a26dc49df37e996876f50a0210039b2d211fdd6f`
Linux	Linux	affected `5.19` unaffected `0 - < 5.19` unaffected `6.1.101 - <= 6.1.` unaffected `6.6.42 - <= 6.6.` unaffected `6.9.11 - <= 6.9.*` +1 more versions

References

https://git.kernel.org/stable/c/3b744884c0431b5a62c92900e64bfd0ed61e8e2a

https://git.kernel.org/stable/c/36d845ccd7bf527110a65fe953886a176c209539

https://git.kernel.org/stable/c/8aaa6c5dd2940ab934d6cd296175f43dbb32b34a

https://git.kernel.org/stable/c/a26dc49df37e996876f50a0210039b2d211fdd6f

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-41075

Description

Affected Products

References