CVE-2024-50043

Published: Oct 21, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix possible badness in FREE_STATEID When multiple FREE_STATEIDs are sent for the same delegation stateid, it can lead to a possible either use-after-free or counter refcount underflow errors. In nfsd4_free_stateid() under the client lock we find a delegation stateid, however the code drops the lock before calling nfs4_put_stid(), that allows another FREE_STATE to find the stateid again. The first one will proceed to then free the stateid which leads to either use-after-free or decrementing already zeroed counter.

Vendor	Product	Versions
Linux	Linux	affected `3f29cc82a84c23cfd12b903029dd26002ca825f5 - < 7ca9e472ce5c67daa3188a348ece8c02a0765039` affected `3f29cc82a84c23cfd12b903029dd26002ca825f5 - < c88c150a467fcb670a1608e2272beeee3e86df6e`
Linux	Linux	affected `6.9` unaffected `0 - < 6.9` unaffected `6.11.4 - <= 6.11.` unaffected `6.12 - <= `

References

https://git.kernel.org/stable/c/7ca9e472ce5c67daa3188a348ece8c02a0765039

https://git.kernel.org/stable/c/c88c150a467fcb670a1608e2272beeee3e86df6e

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-50043

Description

Affected Products

References