CVE-2024-36923

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/18cf7026355187b8d2b4cdfed61dbf873e9d29ff", "name": "https://git.kernel.org/stable/c/18cf7026355187b8d2b4cdfed61dbf873e9d29ff", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/1b4cb6e91f19b81217ad98142ee53a1ab25893fd", "name": "https://git.kernel.org/stable/c/1b4cb6e91f19b81217ad98142ee53a1ab25893fd", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/1b4cb6e91f19b81217ad98142ee53a1ab25893fd", "name": "https://git.kernel.org/stable/c/1b4cb6e91f19b81217ad98142ee53a1ab25893fd", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/3a741b80b3457f079cf637e47800fb7bf8038ad6", "name": "https://git.kernel.org/stable/c/3a741b80b3457f079cf637e47800fb7bf8038ad6", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/6630036b7c228f57c7893ee0403e92c2db2cd21d", "name": "https://git.kernel.org/stable/c/6630036b7c228f57c7893ee0403e92c2db2cd21d", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/6630036b7c228f57c7893ee0403e92c2db2cd21d", "name": "https://git.kernel.org/stable/c/6630036b7c228f57c7893ee0403e92c2db2cd21d", "tags": ["Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix uninitialized values during inode evict\n\nIf an iget fails due to not being able to retrieve information\nfrom the server then the inode structure is only partially\ninitialized. When the inode gets evicted, references to\nuninitialized structures (like fscache cookies) were being\nmade.\n\nThis patch checks for a bad_inode before doing anything other\nthan clearing the inode from the cache. Since the inode is\nbad, it shouldn't have any state associated with it that needs\nto be written back (and there really isn't a way to complete\nthose anyways)."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-36923", "ASSIGNER": "cve@kernel.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2024-05-30T16:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.8.10", "versionStartIncluding": "6.7"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.6.63", "versionStartIncluding": "6.2"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.1.119"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-03-06T12:56Z"}