Description

In the Linux kernel, the following vulnerability has been resolved: cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added checks are listed below: * Generic, copen can only complete open requests, and cread can only complete read requests. * For copen, ondemand_id must not be 0, because this indicates that the request has not been read by the daemon. * For cread, the object corresponding to fd and req should be the same.

INFO

Published Date :

2024-07-29T14:57:34.891Z

Last Modified :

2025-11-03T22:00:30.195Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-41075 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-41075.

URL Resource
https://git.kernel.org/stable/c/36d845ccd7bf527110a65fe953886a176c209539 cve-icon cve-icon
https://git.kernel.org/stable/c/3b744884c0431b5a62c92900e64bfd0ed61e8e2a cve-icon cve-icon
https://git.kernel.org/stable/c/8aaa6c5dd2940ab934d6cd296175f43dbb32b34a cve-icon cve-icon
https://git.kernel.org/stable/c/a26dc49df37e996876f50a0210039b2d211fdd6f cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024072910-CVE-2024-41075-7f07@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-41075 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-41075 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact