CVE-2024-49957
Published: Oct 21, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix null-ptr-deref when journal load failed. During the mounting process, if journal_reset() fails because of too short journal, then lead to jbd2_journal_load() fails with NULL j_sb_buffer. Subsequently, ocfs2_journal_shutdown() calls jbd2_journal_flush()->jbd2_cleanup_journal_tail()-> __jbd2_update_log_tail()->jbd2_journal_update_sb_log_tail() ->lock_buffer(journal->j_sb_buffer), resulting in a null-pointer dereference error. To resolve this issue, we should check the JBD2_LOADED flag to ensure the journal was properly loaded. Additionally, use journal instead of osb->journal directly to simplify the code.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected f6f50e28f0cb8d7bcdfaacc83129f005dede11b1 - < fd89d92c1140cee8f59de336cb37fa65e359c123affected f6f50e28f0cb8d7bcdfaacc83129f005dede11b1 - < 703b2c7e0798d263154dc8593dc2345f75dc077faffected f6f50e28f0cb8d7bcdfaacc83129f005dede11b1 - < bf605ae98dab5c15c5b631d4d7f88898cb41b649affected f6f50e28f0cb8d7bcdfaacc83129f005dede11b1 - < ff55291fb36779819211b596da703389135f5b05affected f6f50e28f0cb8d7bcdfaacc83129f005dede11b1 - < 82dfdd1e31e774578f76ce6dc90c834f96403a0f+4 more versions |
Linux | Linux | affected 2.6.32unaffected 0 - < 2.6.32unaffected 4.19.323 - <= 4.19.*unaffected 5.4.285 - <= 5.4.*unaffected 5.10.227 - <= 5.10.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now