CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-50043

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix possible badness in FREE_STATEID When multiple FREE_STATEIDs are sent for the same delegation stateid, it can lead to a possible either use-after-free or counter refcount underflow errors. In nfsd4_free_stateid() under the client lock we find a delegation stateid, however the code drops the lock before calling nfs4_put_stid(), that allows another FREE_STATE to find the stateid again. The first one will proceed to then free the stateid which leads to either use-after-free or decrementing already zeroed counter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.4%

CVSS Severity

CVSS v3 Score 7.8

References

Products affected by CVE-2024-50043

Linux » Linux Kernel » Version: 6.10

cpe:2.3:o:linux:linux_kernel:6.10
Linux » Linux Kernel » Version: 6.10.0

cpe:2.3:o:linux:linux_kernel:6.10.0
Linux » Linux Kernel » Version: 6.10.1

cpe:2.3:o:linux:linux_kernel:6.10.1
Linux » Linux Kernel » Version: 6.10.10

cpe:2.3:o:linux:linux_kernel:6.10.10
Linux » Linux Kernel » Version: 6.10.11

cpe:2.3:o:linux:linux_kernel:6.10.11
Linux » Linux Kernel » Version: 6.10.12

cpe:2.3:o:linux:linux_kernel:6.10.12
Linux » Linux Kernel » Version: 6.10.13

cpe:2.3:o:linux:linux_kernel:6.10.13
Linux » Linux Kernel » Version: 6.10.14

cpe:2.3:o:linux:linux_kernel:6.10.14
Linux » Linux Kernel » Version: 6.10.2

cpe:2.3:o:linux:linux_kernel:6.10.2
Linux » Linux Kernel » Version: 6.10.3

cpe:2.3:o:linux:linux_kernel:6.10.3
Linux » Linux Kernel » Version: 6.10.4

cpe:2.3:o:linux:linux_kernel:6.10.4
Linux » Linux Kernel » Version: 6.10.5

cpe:2.3:o:linux:linux_kernel:6.10.5
Linux » Linux Kernel » Version: 6.10.6

cpe:2.3:o:linux:linux_kernel:6.10.6
Linux » Linux Kernel » Version: 6.10.7

cpe:2.3:o:linux:linux_kernel:6.10.7
Linux » Linux Kernel » Version: 6.10.8

cpe:2.3:o:linux:linux_kernel:6.10.8
Linux » Linux Kernel » Version: 6.10.9

cpe:2.3:o:linux:linux_kernel:6.10.9
Linux » Linux Kernel » Version: 6.11

cpe:2.3:o:linux:linux_kernel:6.11
Linux » Linux Kernel » Version: 6.11.1

cpe:2.3:o:linux:linux_kernel:6.11.1
Linux » Linux Kernel » Version: 6.11.2

cpe:2.3:o:linux:linux_kernel:6.11.2
Linux » Linux Kernel » Version: 6.11.3

cpe:2.3:o:linux:linux_kernel:6.11.3
Linux » Linux Kernel » Version: 6.12

cpe:2.3:o:linux:linux_kernel:6.12
Linux » Linux Kernel » Version: 6.9

cpe:2.3:o:linux:linux_kernel:6.9
Linux » Linux Kernel » Version: 6.9.1

cpe:2.3:o:linux:linux_kernel:6.9.1
Linux » Linux Kernel » Version: 6.9.10

cpe:2.3:o:linux:linux_kernel:6.9.10
Linux » Linux Kernel » Version: 6.9.11

cpe:2.3:o:linux:linux_kernel:6.9.11
Linux » Linux Kernel » Version: 6.9.12

cpe:2.3:o:linux:linux_kernel:6.9.12
Linux » Linux Kernel » Version: 6.9.2

cpe:2.3:o:linux:linux_kernel:6.9.2
Linux » Linux Kernel » Version: 6.9.3

cpe:2.3:o:linux:linux_kernel:6.9.3
Linux » Linux Kernel » Version: 6.9.4

cpe:2.3:o:linux:linux_kernel:6.9.4
Linux » Linux Kernel » Version: 6.9.5

cpe:2.3:o:linux:linux_kernel:6.9.5
Linux » Linux Kernel » Version: 6.9.6

cpe:2.3:o:linux:linux_kernel:6.9.6
Linux » Linux Kernel » Version: 6.9.7

cpe:2.3:o:linux:linux_kernel:6.9.7
Linux » Linux Kernel » Version: 6.9.8

cpe:2.3:o:linux:linux_kernel:6.9.8
Linux » Linux Kernel » Version: 6.9.9

cpe:2.3:o:linux:linux_kernel:6.9.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-50043

Products

Pricing

Contact Us