PT-2024-33709 · Linux+7 · Linux Kernel+7
Haoran Zhang
·
Published
2024-10-01
·
Updated
2025-09-29
·
CVE-2024-49863
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 6.6.58
Description:
A null pointer dereference bug can be triggered in the Linux kernel when a guest sends an SCSI AN request. This occurs because
vc.target is set to NULL for VIRTIO SCSI T AN * requests, and later dereferenced without being checked in vhost scsi get req(). This bug can be triggered from the guest and may cause the vhost worker process to be killed while holding vq->mutex, resulting in the corresponding tpg remaining occupied indefinitely.Recommendations:
To resolve this issue, upgrade the Linux kernel to version 6.6.58 or later.
As a temporary workaround, consider adding a check in
vhost scsi get req() to prevent the null pointer dereference.Exploit
Fix
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu