cve 2024 45000

About this tag
CVE-2024-45000 is a Linux kernel vulnerability in the fscache subsystem that can cause a denial-of-service (DoS) condition. The flaw involves a race condition where a NULL pointer dereference occurs during an LRU-discard transition in the fscache state machine, specifically due to a missing check of the cookie access counter. This can crash the kernel, affecting system availability. The vulnerability does not lead to data disclosure or privilege escalation. Systems using fscache, often with network filesystems like NFS, are at risk. The upstream fix adds a check to prevent cookie withdrawal while active accesses remain. This tag covers discussions and explanations of CVE-2024-45000, its impact, and mitigation steps.
  1. Linux fscache CVE-2024-45000 DoS: Kernel NULL Pointer Dereference Explained

    A subtle race-condition bug in the Linux kernel’s fscache subsystem — tracked as CVE-2024-45000 — can allow the kernel to dereference a NULL pointer and crash, producing a denial-of-service condition on affected systems. The flaw stems from a missing check of the cookie access counter (the...