CVE-2024-53217

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-53217
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-53217.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-53217
Downstream
Related
Published
2024-12-27T13:50:02.727Z
Modified
2026-05-15T11:53:35.043324233Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
NFSD: Prevent NULL dereference in nfsd4_process_cb_update()
Details

In the Linux kernel, the following vulnerability has been resolved:

NFSD: Prevent NULL dereference in nfsd4processcb_update()

@ses is initialized to NULL. If __nfsd4findbackchannel() finds no available backchannel session, setupcallbackclient() will try to dereference @ses and segfault.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/53xxx/CVE-2024-53217.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.38
Fixed
4.19.325
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.287
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.231
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.174
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.120
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.64
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.11.11
Type
ECOSYSTEM
Events
Introduced
6.12.0
Fixed
6.12.2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-53217.json"