CVE-2024-43857

Summary

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix null reference error when checking end of zone

This patch fixes a potentially null pointer being accessed by is_end_zone_blkaddr() that checks the last block of a zone when f2fs is mounted as a single device.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe067dc3c6b9c419bac43c6a0be2d85f44681f863 < b98777309756ebe15cc9ad4e8ab64bbfaf878a3faffected
LinuxLinuxe067dc3c6b9c419bac43c6a0be2d85f44681f863 < 381cbe85592c78fbaeb3e770e3e9f3bfa3e67efbaffected
LinuxLinuxe067dc3c6b9c419bac43c6a0be2d85f44681f863 < c82bc1ab2a8a5e73d9728e80c4c2ed87e8921a38affected
LinuxLinux6.5affected
LinuxLinux0 < 6.5unaffected
LinuxLinux6.6.64 <= 6.6.*unaffected
LinuxLinux6.10.3 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References