CVE-2024-26878

Source
https://cve.org/CVERecord?id=CVE-2024-26878
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26878.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-26878
Downstream
Related
Published
2024-04-17T10:27:35.838Z
Modified
2026-07-08T06:55:31.147552715Z
Summary
quota: Fix potential NULL pointer dereference
Details

In the Linux kernel, the following vulnerability has been resolved:

quota: Fix potential NULL pointer dereference

Below race may cause NULL pointer dereference

P1 P2 dquotfreeinode quotaoff dropdquotref removedquotref dquots = idquot(inode) dquots = idquot(inode) srcureadlock dquots[cnt]) != NULL (1) dquots[type] = NULL (2) spinlock(&dquots[cnt]->dqdqblock) (3) ....

If dquotfreeinode(or other routines) checks inode's quota pointers (1) before quota_off sets it to NULL(2) and use it (3) after that, NULL pointer dereference will be triggered.

So let's fix it by using a temporary pointer to avoid this issue.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26878.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
7b9ca4c61bc278b771fb57d6290a31ab1fc7fdac
Fixed
8514899c1a4edf802f03c408db901063aa3f05a1
Fixed
49669f8e7eb053f91d239df7b1bfb4500255a9d0
Fixed
61380537aa6dd32d8a723d98b8f1bd1b11d8fee0
Fixed
1ca72a3de915f87232c9a4cb9bebbd3af8ed3e25
Fixed
7f9e833fc0f9b47be503af012eb5903086939754
Fixed
40a673b4b07efd6f74ff3ab60f38b26aa91ee5d5
Fixed
f2649d98aa9ca8623149b3cb8df00c944f5655c7
Fixed
6afc9f4434fa8063aa768c2bf5bf98583aee0877
Fixed
d0aa72604fbd80c8aabb46eda00535ed35570f1f

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26878.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.14.0
Fixed
4.19.311
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.273
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.214
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.153
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.83
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.23
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.7.11
Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.8.2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26878.json"