CVE-2024-47737

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-47737

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47737.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-47737

Downstream

BELL-CVE-2024-47737

DEBIAN-CVE-2024-47737

DLA-4008-1

DLA-4075-1

OESA-2024-2321

OESA-2024-2322

OESA-2024-2324

OESA-2024-2325

RHSA-2025:6966

SUSE-SU-2024:3984-1

SUSE-SU-2024:3986-1

SUSE-SU-2024:4100-1

SUSE-SU-2024:4315-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4364-1

SUSE-SU-2024:4376-1

SUSE-SU-2024:4387-1

SUSE-SU-2025:0034-1

openSUSE-SU-2024:14500-1

openSUSE-SU-2025:14705-1

Related

Published

2024-10-21T13:15:03Z

Modified

2025-08-09T20:01:25Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

nfsd: call cacheput if xdrreserve_space returns NULL

If not enough buffer space available, but idmaplookup has triggered lookupfn which calls cacheget and returns successfully. Then we missed to call cacheput here which pairs with cache_get.

Reviwed-by: Jeff Layton jlayton@kernel.org

References

Affected packages