DEBIAN-CVE-2024-53221

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/DEBIAN-CVE-2024-53221
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2024-53221.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2024-53221
Upstream
Published
2024-12-27T14:15:30Z
Modified
2025-09-25T04:20:50.746212Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null-ptr-deref in f2fssubmitpagebio() There's issue as follows when concurrently installing the f2fs.ko module and mounting the f2fs file system: KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027] RIP: 0010:bioalloc+0x2fb/0x6c0 [f2fs] Call Trace: <TASK> f2fssubmitpagebio+0x126/0x8b0 [f2fs] _getmetapage+0x1d4/0x920 [f2fs] getcheckpointversion.constprop.0+0x2b/0x3c0 [f2fs] validatecheckpoint+0xac/0x290 [f2fs] f2fsgetvalidcheckpoint+0x207/0x950 [f2fs] f2fsfillsuper+0x1007/0x39b0 [f2fs] mountbdev+0x183/0x250 legacygettree+0xf4/0x1e0 vfsgettree+0x88/0x340 donewmount+0x283/0x5e0 pathmount+0x2b2/0x15b0 _x64sysmount+0x1fe/0x270 dosyscall64+0x5f/0x170 entrySYSCALL64afterhwframe+0x76/0x7e Above issue happens as the biset of the f2fs file system is not initialized before register "f2fsfstype". To address above issue just register "f2fsfstype" at the last in initf2fs_fs(). Ensure that all f2fs file system resources are initialized.

References

Affected packages

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.12.3-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.12.3-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}