ByteOS Network

CVE Vulnerability Details :

CVE-2024-46696

PUBLISHED

More Info Official Page

Assigner-Linux

Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67

Published At-13 Sep, 2024 | 05:29

Updated At-04 May, 2025 | 09:32

▼CVE Numbering Authority (CNA)

nfsd: fix potential UAF in nfsd4_cb_getattr_release

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix potential UAF in nfsd4_cb_getattr_release Once we drop the delegation reference, the fields embedded in it are no longer safe to access. Do that last.

Affected Products

Vendor

Linux Kernel Organization, Inc

Product

Linux

Repo

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Program Files

fs/nfsd/nfs4state.c

Default Status

unaffected

Versions

Affected

From c5967721e1063648b0506481585ba7e2e49a075e before e0b66698a5ae41078f7490e8b3527013f5fccd6c (git)
From c5967721e1063648b0506481585ba7e2e49a075e before 1116e0e372eb16dd907ec571ce5d4af325c55c10 (git)

Vendor

Linux Kernel Organization, Inc

Product

Linux

Repo

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Program Files

fs/nfsd/nfs4state.c

Default Status

affected

Versions

Affected

Unaffected

From 0 before 6.9 (semver)
From 6.10.8 through 6.10.* (semver)
From 6.11 through * (original_commit_for_fix)

References

Hyperlink	Resource
https://git.kernel.org/stable/c/e0b66698a5ae41078f7490e8b3527013f5fccd6c	N/A
https://git.kernel.org/stable/c/1116e0e372eb16dd907ec571ce5d4af325c55c10	N/A

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Affected Products

Affected

Affected

Unaffected

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References