CVE-2024-53221
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-53221
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-53221.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-53221
- Downstream
- Related
- Published
- 2024-12-27T13:50:06.309Z
- Modified
- 2025-11-28T02:34:27.282390Z
- Summary
- f2fs: fix null-ptr-deref in f2fs_submit_page_bio()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix null-ptr-deref in f2fssubmitpage_bio()
There's issue as follows when concurrently installing the f2fs.ko module and mounting the f2fs file system: KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027] RIP: 0010:_bioalloc+0x2fb/0x6c0 [f2fs] Call Trace: <TASK> f2fssubmitpagebio+0x126/0x8b0 [f2fs] _getmetapage+0x1d4/0x920 [f2fs] getcheckpointversion.constprop.0+0x2b/0x3c0 [f2fs] validatecheckpoint+0xac/0x290 [f2fs] f2fsgetvalidcheckpoint+0x207/0x950 [f2fs] f2fsfillsuper+0x1007/0x39b0 [f2fs] mountbdev+0x183/0x250 legacygettree+0xf4/0x1e0 vfsgettree+0x88/0x340 donewmount+0x283/0x5e0 pathmount+0x2b2/0x15b0 _x64sysmount+0x1fe/0x270 dosyscall64+0x5f/0x170 entrySYSCALL64after_hwframe+0x76/0x7e
Above issue happens as the biset of the f2fs file system is not initialized before register "f2fsfstype". To address above issue just register "f2fsfstype" at the last in initf2fsfs(). Ensure that all f2fs file system resources are initialized.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/53xxx/CVE-2024-53221.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/32f5e291b7677495f98246eec573767430321c08
- https://git.kernel.org/stable/c/8dddc12d03248755d9f709bc1eb9e3ea2bf1b322
- https://git.kernel.org/stable/c/9e11b1d5fda972f6be60ab732976a7c8e064cd56
- https://git.kernel.org/stable/c/b7d0a97b28083084ebdd8e5c6bccd12e6ec18faa
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/53xxx/CVE-2024-53221.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-53221
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf543805fcd60f3f9a491cfa2f2dc9284d2569c28Fixed8dddc12d03248755d9f709bc1eb9e3ea2bf1b322Fixed32f5e291b7677495f98246eec573767430321c08Fixed9e11b1d5fda972f6be60ab732976a7c8e064cd56Fixedb7d0a97b28083084ebdd8e5c6bccd12e6ec18faa