CVE-2024-26632
Severity CVSS v4.0:
Pending analysis
Type:
CWE-476
NULL Pointer Dereference
Publication date:
18/03/2024
Last modified:
03/03/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
block: Fix iterating over an empty bio with bio_for_each_folio_all<br />
<br />
If the bio contains no data, bio_first_folio() calls page_folio() on a<br />
NULL pointer and oopses. Move the test that we&#39;ve reached the end of<br />
the bio from bio_next_folio() to bio_first_folio().<br />
<br />
[axboe: add unlikely() to error case]
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.17 (including) | 6.1.75 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.14 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.7.2 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/7bed6f3d08b7af27b7015da8dc3acf2b9c1f21d7
- https://git.kernel.org/stable/c/a6bd8182137a12d22d3f2cee463271bdcb491659
- https://git.kernel.org/stable/c/c6350b5cb78e9024c49eaee6fdb914ad2903a5fe
- https://git.kernel.org/stable/c/ca3ede3f5893e2d26d4dbdef1eec28a8487fafde
- https://git.kernel.org/stable/c/7bed6f3d08b7af27b7015da8dc3acf2b9c1f21d7
- https://git.kernel.org/stable/c/a6bd8182137a12d22d3f2cee463271bdcb491659
- https://git.kernel.org/stable/c/c6350b5cb78e9024c49eaee6fdb914ad2903a5fe
- https://git.kernel.org/stable/c/ca3ede3f5893e2d26d4dbdef1eec28a8487fafde