What is the severity of CVE-2024-50091?

CVE-2024-50091 has not been assigned a specific severity rating yet, but it involves a critical issue in the Linux kernel.

How do I fix CVE-2024-50091?

To fix CVE-2024-50091, ensure that you update your Linux kernel to version 6.11.5 or later.

What components are affected by CVE-2024-50091?

CVE-2024-50091 affects Linux kernel versions up to and including 6.11.4.

What is the impact of CVE-2024-50091?

The impact of CVE-2024-50091 could potentially lead to unintended access due to improper handling of the dedupe_context pointer.

Is CVE-2024-50091 being actively exploited?

As of now, there is no public indication that CVE-2024-50091 is being actively exploited in the wild.

Vulnerability/
CVE-2024-50091

medium

5.5

5/11/2024

17/1/2025

CVE-2024-50091: dm vdo: don't refer to dedupe_context after releasing it

First published: Tue Nov 05 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: dm vdo: don't refer to dedupe_context after releasing it Clear the dedupe_context pointer in a data_vio whenever ownership of the context is lost, so that vdo can't examine it accidentally.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel	<6.11.4

Remedy

https://git.kernel.org/stable/c/0808ebf2f80b962e75741a41ced372a7116f1e26

Remedy

https://git.kernel.org/stable/c/63ef073084c67878d7a92e15ad055172da3f05a3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-50091?
CVE-2024-50091 has not been assigned a specific severity rating yet, but it involves a critical issue in the Linux kernel.
How do I fix CVE-2024-50091?
To fix CVE-2024-50091, ensure that you update your Linux kernel to version 6.11.5 or later.
What components are affected by CVE-2024-50091?
CVE-2024-50091 affects Linux kernel versions up to and including 6.11.4.
What is the impact of CVE-2024-50091?
The impact of CVE-2024-50091 could potentially lead to unintended access due to improper handling of the dedupe_context pointer.
Is CVE-2024-50091 being actively exploited?
As of now, there is no public indication that CVE-2024-50091 is being actively exploited in the wild.

agent/references
agent/title
agent/first-publish-date
agent/type
agent/description
agent/author
agent/event
agent/severity
agent/remedy
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
collector/usn-cve
source/Ubuntu
collector/launchpad-cve
source/Launchpad
vendor/linux
canonical/linux kernel

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.