PT-2024-29733 · Linux+10 · Linux Kernel+10

Andreas Gruenbacher

·

Published

2024-03-11

·

Updated

2026-03-14

·

CVE-2024-42079

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a NULL pointer dereference in the gfs2 log flush function. This occurs when outstanding glock work races with an unmount, specifically in the path from glock work func to gfs2 log flush through run queue, do xmote, and inode go sync. To prevent this, the code sets sdp->sd jdesc to NULL under the log flush lock in gfs2 jindex free and checks if sdp->sd jdesc is non-NULL before dereferencing it in gfs2 log flush.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2024:8162
ALSA-2024:8856
ALSA-2024:8870
ALSA-2025_16880
ALT-PU-2024-10855
ALT-PU-2024-13979
ALT-PU-2024-14046
AZL-47118
AZL-47166
BDU:2025-02998
CESA-2024_8856
CESA-2024_8870
CVE-2024-42079
ECHO-6E5D-E987-4DC1
INFSA-2024_8162
INFSA-2024_8856
INFSA-2024_8870
OESA-2024-2076
OPENSUSE-SU-2024_2947-1
RHSA-2024:8162
RHSA-2024:8856
RHSA-2024:8870
RHSA-2024_8162
RHSA-2024_8856
RHSA-2024_8870
RLSA-2024:8162
RLSA-2024:8856
RLSA-2024:8870
SUSE-SU-2024:2894-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2947-1
SUSE-SU-2024:3194-1
SUSE-SU-2024:3195-1
SUSE-SU-2024:3383-1
SUSE-SU-2025:20044-1
SUSE-SU-2025:20047-1
USN-7089-1
USN-7089-2
USN-7089-3
USN-7089-4
USN-7089-5
USN-7089-6
USN-7089-7
USN-7090-1
USN-7095-1
USN-7156-1
USN-7166-1
USN-7166-2
USN-7166-3
USN-7166-4
USN-7186-1
USN-7186-2
USN-7194-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu