CVE-2024-50091

MEDIUM 5.5

dm vdo: don't refer to dedupe_context after releasing it

CVSS Score

5.5

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: dm vdo: don't refer to dedupe_context after releasing it Clear the dedupe_context pointer in a data_vio whenever ownership of the context is lost, so that vdo can't examine it accidentally.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Nov 5, 2024
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new medium vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

cfaf07fae7a262865a67b6010eef3bc0a1ae50b2 < 63ef073084c67878d7a92e15ad055172da3f05a3 cfaf07fae7a262865a67b6010eef3bc0a1ae50b2 < 0808ebf2f80b962e75741a41ced372a7116f1e26

Linux / Linux

6.9

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/63ef073084c67878d7a92e15ad055172da3f05a3 git.kernel.org: https://git.kernel.org/stable/c/0808ebf2f80b962e75741a41ced372a7116f1e26