CVE-2024-38625

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Check 'folio' pointer for NULL It can be NULL if bmap is called.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/1cd6c96219c429ebcfa8e79a865277376c563803	Patch
https://git.kernel.org/stable/c/6c8054d590668629bb2eb6fb4cbf22455d08ada8	Patch
https://git.kernel.org/stable/c/ff1068929459347f9e47f8d14c409dcf938c2641	Patch
https://git.kernel.org/stable/c/1cd6c96219c429ebcfa8e79a865277376c563803	Patch
https://git.kernel.org/stable/c/6c8054d590668629bb2eb6fb4cbf22455d08ada8	Patch
https://git.kernel.org/stable/c/ff1068929459347f9e47f8d14c409dcf938c2641	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

07 Jan 2025, 16:09

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/1cd6c96219c429ebcfa8e79a865277376c563803 -~~	() https://git.kernel.org/stable/c/1cd6c96219c429ebcfa8e79a865277376c563803 - Patch
References	~~() https://git.kernel.org/stable/c/6c8054d590668629bb2eb6fb4cbf22455d08ada8 -~~	() https://git.kernel.org/stable/c/6c8054d590668629bb2eb6fb4cbf22455d08ada8 - Patch
References	~~() https://git.kernel.org/stable/c/ff1068929459347f9e47f8d14c409dcf938c2641 -~~	() https://git.kernel.org/stable/c/ff1068929459347f9e47f8d14c409dcf938c2641 - Patch
CPE		cpe:2.3:o:linux:linux_kernel::::::::
First Time		Linux linux Kernel Linux
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		CWE-476

21 Nov 2024, 09:26

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fs/ntfs3: Verifique que el puntero 'folio' sea NULL. Puede ser NULL si se llama a bmap.
References	~~() https://git.kernel.org/stable/c/1cd6c96219c429ebcfa8e79a865277376c563803 -~~	() https://git.kernel.org/stable/c/1cd6c96219c429ebcfa8e79a865277376c563803 -
References	~~() https://git.kernel.org/stable/c/6c8054d590668629bb2eb6fb4cbf22455d08ada8 -~~	() https://git.kernel.org/stable/c/6c8054d590668629bb2eb6fb4cbf22455d08ada8 -
References	~~() https://git.kernel.org/stable/c/ff1068929459347f9e47f8d14c409dcf938c2641 -~~	() https://git.kernel.org/stable/c/ff1068929459347f9e47f8d14c409dcf938c2641 -

21 Jun 2024, 11:22

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-21 11:15

Updated : 2025-01-07 16:09

NVD link : CVE-2024-38625

Mitre link : CVE-2024-38625

CVE.ORG link : CVE-2024-38625

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10