DEBIAN-CVE-2024-41083
- Source
- https://security-tracker.debian.org/tracker/CVE-2024-41083
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2024-41083.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2024-41083
- Upstream
- Published
- 2024-07-29T16:15:03Z
- Modified
- 2025-09-25T22:40:50Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix netfspagemkwrite() to check folio->mapping is valid Fix netfspagemkwrite() to check that folio->mapping is valid once it has taken the folio lock (as filemappagemkwrite() does). Without this, generic/247 occasionally oopses with something like the following: BUG: kernel NULL pointer dereference, address: 0000000000000000 #PF: supervisor read access in kernel mode #PF: errorcode(0x0000) - not-present page RIP: 0010:traceeventraweventnetfsfolio+0x61/0xc0 ... Call Trace: <TASK> ? _diebody+0x1a/0x60 ? pagefaultoops+0x6e/0xa0 ? excpagefault+0xc2/0xe0 ? asmexcpagefault+0x22/0x30 ? traceeventraweventnetfsfolio+0x61/0xc0 tracenetfsfolio+0x39/0x40 netfspagemkwrite+0x14c/0x1d0 dopagemkwrite+0x50/0x90 doptemissing+0x184/0x200 _handlemmfault+0x42d/0x500 handlemmfault+0x121/0x1f0 douseraddrfault+0x23e/0x3c0 excpagefault+0xc2/0xe0 asmexcpagefault+0x22/0x30 This is due to the invalidateinodepages2range() issued at the end of the DIO write interfering with the mmap'd writes.
- References
Affected packages
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source