CVE-2024-42078: nfsd: initialise nfsd_info.mutex early.
Description
In the Linux kernel, the following vulnerability has been resolved:
nfsd: initialise nfsd_info.mutex early.
nfsd_info.mutex can be dereferenced by svc_pool_stats_start()
immediately after the new netns is created. Currently this can
trigger an oops.
Move the initialisation earlier before it can possibly be dereferenced.
Classification
CVE ID: CVE-2024-42078
Affected Products
Vendor: Linux
Product: Linux
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 11.48% (scored less or equal to compared to others)
EPSS Date: 2025-02-04 (when was this score calculated)
References
https://git.kernel.org/stable/c/7e8b94045bc77ce4f085ddfb9eb04e5760e66169https://git.kernel.org/stable/c/e0011bca603c101f2a3c007bdb77f7006fa78fb1