CVE-2024-58092

nfsd: fix legacy client tracking initialization

Description

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix legacy client tracking initialization Get rid of the nfsd4_legacy_tracking_ops->init() call in check_for_legacy_methods(). That will be handled in the caller (nfsd4_client_tracking_init()). Otherwise, we'll wind up calling nfsd4_legacy_tracking_ops->init() twice, and the second time we'll trigger the BUG_ON() in nfsd4_init_recdir().

N/A
CVSS
Severity:
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/95407304253a4bf03494d921c6913e220c26cc63
https://git.kernel.org/stable/c/cdd66082b227eb695cbf54b7c121ea032e869981
https://git.kernel.org/stable/c/de71d4e211eddb670b285a0ea477a299601ce1ca

Frequently Asked Questions

What is the severity of CVE-2024-58092?
CVE-2024-58092 has not yet been assigned a CVSS score.
How to fix CVE-2024-58092?
To fix CVE-2024-58092, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-58092 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-58092 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-58092?
CVE-2024-58092 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.