CVE-2024-49999
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-49999
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-49999.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-49999
- Downstream
- Related
- Published
- 2024-10-21T18:02:38.958Z
- Modified
- 2025-11-20T06:37:21.198161Z
- Summary
- afs: Fix the setting of the server responding flag
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
afs: Fix the setting of the server responding flag
In afswaitfor_operation(), we set transcribe the call responded flag to the server record that we used after doing the fileserver iteration loop - but it's possible to exit the loop having had a response from the server that we've discarded (e.g. it returned an abort or we started receiving data, but the call didn't complete).
This means that op->server might be NULL, but we don't check that before attempting to set the server flag.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced98f9fda2057ba34b720c4d353351024d6dcee90fFixed3d51ab44123f35dd1d646d99a15ebef10f55e263
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced98f9fda2057ba34b720c4d353351024d6dcee90fFixed97c953572d98080c5f1486155350bb688041747a
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced98f9fda2057ba34b720c4d353351024d6dcee90fFixedff98751bae40faed1ba9c6a7287e84430f7dec64
Affected versions
v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.10.1
v6.10.10
v6.10.11
v6.10.12
v6.10.13
v6.10.2
v6.10.3
v6.10.4
v6.10.5
v6.10.6
v6.10.7
v6.10.8
v6.10.9
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.2
v6.7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
vanir_signatures
[
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "226384436833068166760877928167308428594",
"length": 1232.0
},
"id": "CVE-2024-49999-032f0554",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@97c953572d98080c5f1486155350bb688041747a",
"target": {
"file": "fs/afs/fs_operation.c",
"function": "afs_wait_for_operation"
}
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "226384436833068166760877928167308428594",
"length": 1232.0
},
"id": "CVE-2024-49999-0a10808e",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ff98751bae40faed1ba9c6a7287e84430f7dec64",
"target": {
"file": "fs/afs/fs_operation.c",
"function": "afs_wait_for_operation"
}
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"73816921769555926858036979893000061630",
"120862963296899091127973492362827102869",
"51585471052247042292377004858155789733",
"280919651496088143849392389910203764689"
]
},
"id": "CVE-2024-49999-aab6b29e",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@97c953572d98080c5f1486155350bb688041747a",
"target": {
"file": "fs/afs/fs_operation.c"
}
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"73816921769555926858036979893000061630",
"120862963296899091127973492362827102869",
"51585471052247042292377004858155789733",
"280919651496088143849392389910203764689"
]
},
"id": "CVE-2024-49999-d8f1259d",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ff98751bae40faed1ba9c6a7287e84430f7dec64",
"target": {
"file": "fs/afs/fs_operation.c"
}
}
]