vulnerability

Debian: CVE-2024-41075: linux, linux-6.1 -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	Jul 29, 2024	Sep 2, 2024	May 28, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

Jul 29, 2024

Added

Sep 2, 2024

Modified

May 28, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

cachefiles: add consistency check for copen/cread

This prevents malicious processes from completing random copen/cread
requests and crashing the system. Added checks are listed below:

* Generic, copen can only complete open requests, and cread can only
complete read requests.
* For copen, ondemand_id must not be 0, because this indicates that the
request has not been read by the daemon.
* For cread, the object corresponding to fd and req should be the same.

Solutions

debian-upgrade-linuxdebian-upgrade-linux-6-1

References

CVE-2024-41075
https://attackerkb.com/topics/CVE-2024-41075
DEBIAN-DLA-4008-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today