In the Linux kernel, the following vulnerability has been resolved:
nfsd: initialise nfsd_info.mutex early.
nfsdinfo.mutex can be dereferenced by svcpoolstatsstart() immediately after the new netns is created. Currently this can trigger an oops.
Move the initialisation earlier before it can possibly be dereferenced.
{ "vanir_signatures": [ { "signature_version": "v1", "signature_type": "Function", "target": { "file": "fs/nfsd/nfssvc.c", "function": "nfsd_create_serv" }, "deprecated": false, "digest": { "length": 882.0, "function_hash": "264688803469564036030741267557082164108" }, "id": "CVE-2024-42078-055dfac7", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e0011bca603c101f2a3c007bdb77f7006fa78fb1" }, { "signature_version": "v1", "signature_type": "Line", "target": { "file": "fs/nfsd/nfssvc.c" }, "deprecated": false, "digest": { "line_hashes": [ "157019310429110050184667232500877829305", "79444557225163903476979520065850967721", "271516439795043208963786990021588521698", "89466589030249813646167480295865391316" ], "threshold": 0.9 }, "id": "CVE-2024-42078-294a3471", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7e8b94045bc77ce4f085ddfb9eb04e5760e66169" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "fs/nfsd/nfssvc.c", "function": "nfsd_create_serv" }, "deprecated": false, "digest": { "length": 882.0, "function_hash": "264688803469564036030741267557082164108" }, "id": "CVE-2024-42078-2ecc57ff", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7e8b94045bc77ce4f085ddfb9eb04e5760e66169" }, { "signature_version": "v1", "signature_type": "Line", "target": { "file": "fs/nfsd/nfsctl.c" }, "deprecated": false, "digest": { "line_hashes": [ "312322892415122746493396719396879700364", "115779118510788600918109125543201562993", "87599185917662732487465816360867493665", "41994084309485617209175384043478329981" ], "threshold": 0.9 }, "id": "CVE-2024-42078-3343663b", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7e8b94045bc77ce4f085ddfb9eb04e5760e66169" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "fs/nfsd/nfsctl.c", "function": "nfsd_net_init" }, "deprecated": false, "digest": { "length": 752.0, "function_hash": "252379834722876433204326843741165498691" }, "id": "CVE-2024-42078-5f7a410d", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7e8b94045bc77ce4f085ddfb9eb04e5760e66169" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "fs/nfsd/nfsctl.c", "function": "nfsd_net_init" }, "deprecated": false, "digest": { "length": 806.0, "function_hash": "265078352255384215765190415793118281707" }, "id": "CVE-2024-42078-7adae8b4", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e0011bca603c101f2a3c007bdb77f7006fa78fb1" }, { "signature_version": "v1", "signature_type": "Line", "target": { "file": "fs/nfsd/nfssvc.c" }, "deprecated": false, "digest": { "line_hashes": [ "157019310429110050184667232500877829305", "79444557225163903476979520065850967721", "271516439795043208963786990021588521698", "89466589030249813646167480295865391316" ], "threshold": 0.9 }, "id": "CVE-2024-42078-a2f006cc", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e0011bca603c101f2a3c007bdb77f7006fa78fb1" }, { "signature_version": "v1", "signature_type": "Line", "target": { "file": "fs/nfsd/nfsctl.c" }, "deprecated": false, "digest": { "line_hashes": [ "312322892415122746493396719396879700364", "115779118510788600918109125543201562993", "87599185917662732487465816360867493665", "41994084309485617209175384043478329981" ], "threshold": 0.9 }, "id": "CVE-2024-42078-c79cfc89", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e0011bca603c101f2a3c007bdb77f7006fa78fb1" } ] }