CVE-2024-58092

Get rid of the nfsd4legacytrackingops->init() call in checkforlegacymethods(). That will be handled in the caller (nfsd4clienttrackinginit()). Otherwise, we'll wind up calling nfsd4legacytrackingops->init() twice, and the second time we'll trigger the BUGON() in nfsd4init_recdir().

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

74fd48739d0488e39ae18b0168720f449a06690c

Fixed

95407304253a4bf03494d921c6913e220c26cc63

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

74fd48739d0488e39ae18b0168720f449a06690c

Fixed

cdd66082b227eb695cbf54b7c121ea032e869981

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

74fd48739d0488e39ae18b0168720f449a06690c

Fixed

de71d4e211eddb670b285a0ea477a299601ce1ca

Affected versions

v6.*

v6.10

v6.10-rc1

v6.10-rc2

v6.10-rc3

v6.10-rc4

v6.10-rc5

v6.10-rc6

v6.10-rc7

v6.11

v6.11-rc1

v6.11-rc2

v6.11-rc3

v6.11-rc4

v6.11-rc5

v6.11-rc6

v6.11-rc7

v6.12

v6.12-rc1

v6.12-rc2

v6.12-rc3

v6.12-rc4

v6.12-rc5

v6.12-rc6

v6.12-rc7

v6.12.1

v6.12.10

v6.12.11

v6.12.12

v6.12.13

v6.12.14

v6.12.15

v6.12.16

v6.12.17

v6.12.18

v6.12.19

v6.12.2

v6.12.20

v6.12.21

v6.12.3

v6.12.4

v6.12.5

v6.12.6

v6.12.7

v6.12.8

v6.12.9

v6.13

v6.13-rc1

v6.13-rc2

v6.13-rc3

v6.13-rc4

v6.13-rc5

v6.13-rc6

v6.13-rc7

v6.13.1

v6.13.2

v6.13.3

v6.13.4

v6.13.5

v6.13.6

v6.13.7

v6.13.8

v6.13.9

v6.8

v6.8-rc1

v6.8-rc2

v6.8-rc3

v6.8-rc4

v6.8-rc5

v6.8-rc6

v6.8-rc7

v6.9

v6.9-rc1

v6.9-rc2

v6.9-rc3

v6.9-rc4

v6.9-rc5

v6.9-rc6

v6.9-rc7

Database specific

vanir_signatures

[
    {
        "signature_type": "Line",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cdd66082b227eb695cbf54b7c121ea032e869981",
        "digest": {
            "line_hashes": [
                "248998771022695820791056752359058980036",
                "12979914391309238762546230491907764497",
                "29487717997076717663390075316034589593",
                "250572855638754651219643733864045680949"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-58092-0a2f70c1",
        "signature_version": "v1",
        "target": {
            "file": "fs/nfsd/nfs4recover.c"
        }
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@de71d4e211eddb670b285a0ea477a299601ce1ca",
        "digest": {
            "line_hashes": [
                "248998771022695820791056752359058980036",
                "12979914391309238762546230491907764497",
                "29487717997076717663390075316034589593",
                "250572855638754651219643733864045680949"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-58092-2ebfdaed",
        "signature_version": "v1",
        "target": {
            "file": "fs/nfsd/nfs4recover.c"
        }
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@95407304253a4bf03494d921c6913e220c26cc63",
        "digest": {
            "length": 565.0,
            "function_hash": "79365730838626736674734948717412779682"
        },
        "id": "CVE-2024-58092-3cc1e114",
        "signature_version": "v1",
        "target": {
            "function": "check_for_legacy_methods",
            "file": "fs/nfsd/nfs4recover.c"
        }
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@de71d4e211eddb670b285a0ea477a299601ce1ca",
        "digest": {
            "length": 565.0,
            "function_hash": "79365730838626736674734948717412779682"
        },
        "id": "CVE-2024-58092-4f54c895",
        "signature_version": "v1",
        "target": {
            "function": "check_for_legacy_methods",
            "file": "fs/nfsd/nfs4recover.c"
        }
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cdd66082b227eb695cbf54b7c121ea032e869981",
        "digest": {
            "length": 565.0,
            "function_hash": "79365730838626736674734948717412779682"
        },
        "id": "CVE-2024-58092-8fef93c3",
        "signature_version": "v1",
        "target": {
            "function": "check_for_legacy_methods",
            "file": "fs/nfsd/nfs4recover.c"
        }
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@95407304253a4bf03494d921c6913e220c26cc63",
        "digest": {
            "line_hashes": [
                "248998771022695820791056752359058980036",
                "12979914391309238762546230491907764497",
                "29487717997076717663390075316034589593",
                "250572855638754651219643733864045680949"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-58092-e4951428",
        "signature_version": "v1",
        "target": {
            "file": "fs/nfsd/nfs4recover.c"
        }
    }
]

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.8.0

Fixed

6.12.22

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.13.10