Description

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix d_parent walk The WARN_ON_ONCE() in collect_domain_accesses() can be triggered when trying to link a root mount point. This cannot work in practice because this directory is mounted, but the VFS check is done after the call to security_path_link(). Do not use source directory's d_parent when the source directory is the mount point. [mic: Fix commit message]

INFO

Published Date :

2024-07-12T12:25:14.463Z

Last Modified :

2025-11-03T21:58:05.436Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-40938 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-40938.

URL Resource
https://git.kernel.org/stable/c/88da52ccd66e65f2e63a6c35c9dff55d448ef4dc cve-icon cve-icon
https://git.kernel.org/stable/c/b6e5e696435832b33e40775f060ef5c95f4fda1f cve-icon cve-icon
https://git.kernel.org/stable/c/c7618c7b0b8c45bcef34410cc1d1e953eb17f8f6 cve-icon cve-icon
https://git.kernel.org/stable/c/cc30d05b34f9a087a6928d09b131f7b491e9ab11 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024071218-CVE-2024-40938-1619@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-40938 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-40938 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact