CVE-2024-26878

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-26878
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26878.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-26878
Downstream
Related
Published
2024-04-17T10:27:35.838Z
Modified
2026-03-13T07:52:00.458695Z
Summary
quota: Fix potential NULL pointer dereference
Details

In the Linux kernel, the following vulnerability has been resolved:

quota: Fix potential NULL pointer dereference

Below race may cause NULL pointer dereference

P1 P2 dquotfreeinode quotaoff dropdquotref removedquotref dquots = idquot(inode) dquots = idquot(inode) srcureadlock dquots[cnt]) != NULL (1) dquots[type] = NULL (2) spinlock(&dquots[cnt]->dqdqblock) (3) ....

If dquotfreeinode(or other routines) checks inode's quota pointers (1) before quota_off sets it to NULL(2) and use it (3) after that, NULL pointer dereference will be triggered.

So let's fix it by using a temporary pointer to avoid this issue.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26878.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
7b9ca4c61bc278b771fb57d6290a31ab1fc7fdac
Fixed
8514899c1a4edf802f03c408db901063aa3f05a1
Fixed
49669f8e7eb053f91d239df7b1bfb4500255a9d0
Fixed
61380537aa6dd32d8a723d98b8f1bd1b11d8fee0
Fixed
1ca72a3de915f87232c9a4cb9bebbd3af8ed3e25
Fixed
7f9e833fc0f9b47be503af012eb5903086939754
Fixed
40a673b4b07efd6f74ff3ab60f38b26aa91ee5d5
Fixed
f2649d98aa9ca8623149b3cb8df00c944f5655c7
Fixed
6afc9f4434fa8063aa768c2bf5bf98583aee0877
Fixed
d0aa72604fbd80c8aabb46eda00535ed35570f1f

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26878.json"