CVE-2024-56549

cachefiles: Fix NULL pointer dereference in object->file

Description

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix NULL pointer dereference in object->file At present, the object->file has the NULL pointer dereference problem in ondemand-mode. The root cause is that the allocated fd and object->file lifetime are inconsistent, and the user-space invocation to anon_fd uses object->file. Following is the process that triggers the issue: [write fd] [umount] cachefiles_ondemand_fd_write_iter fscache_cookie_state_machine cachefiles_withdraw_cookie if (!file) return -ENOBUFS cachefiles_clean_up_object cachefiles_unmark_inode_in_use fput(object->file) object->file = NULL // file NULL pointer dereference! __cachefiles_write(..., file, ...) Fix this issue by add an additional reference count to the object->file before write/llseek, and decrement after it finished.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.06%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/d6bba3ece960129a553d4b16f1b00c884dc0993a
https://git.kernel.org/stable/c/785408bbafcfa24c9fc5b251f03fd0780ce182bd
https://git.kernel.org/stable/c/f98770440c9bc468e2fd878212ec9526dbe08293 patch
https://git.kernel.org/stable/c/9582c7664103c9043e80a78f5c382aa6bdd67418 patch
https://git.kernel.org/stable/c/31ad74b20227ce6b40910ff78b1c604e42975cf1 patch

Frequently Asked Questions

What is the severity of CVE-2024-56549?
CVE-2024-56549 has been scored as a medium severity vulnerability.
How to fix CVE-2024-56549?
To fix CVE-2024-56549, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-56549 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-56549 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-56549?
CVE-2024-56549 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.