{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T13:34:23.103","vulnerabilities":[{"cve":{"id":"CVE-2024-53167","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-12-27T14:15:23.820","lastModified":"2025-10-08T14:41:01.357","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnfs/blocklayout: Don't attempt unregister for invalid block device\n\nSince commit d869da91cccb (\"nfs/blocklayout: Fix premature PR key\nunregistration\") an unmount of a pNFS SCSI layout-enabled NFS may\ndereference a NULL block_device in:\n\n  bl_unregister_scsi+0x16/0xe0 [blocklayoutdriver]\n  bl_free_device+0x70/0x80 [blocklayoutdriver]\n  bl_free_deviceid_node+0x12/0x30 [blocklayoutdriver]\n  nfs4_put_deviceid_node+0x60/0xc0 [nfsv4]\n  nfs4_deviceid_purge_client+0x132/0x190 [nfsv4]\n  unset_pnfs_layoutdriver+0x59/0x60 [nfsv4]\n  nfs4_destroy_server+0x36/0x70 [nfsv4]\n  nfs_free_server+0x23/0xe0 [nfs]\n  deactivate_locked_super+0x30/0xb0\n  cleanup_mnt+0xba/0x150\n  task_work_run+0x59/0x90\n  syscall_exit_to_user_mode+0x217/0x220\n  do_syscall_64+0x8e/0x160\n\nThis happens because even though we were able to create the\nnfs4_deviceid_node, the lookup for the device was unable to attach the\nblock device to the pnfs_block_dev.\n\nIf we never found a block device to register, we can avoid this case with\nthe PNFS_BDEV_REGISTERED flag.  Move the deref behind the test for the\nflag."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfs/blocklayout: No intente anular el registro de un dispositivo de bloque no válido Desde el commit d869da91cccb (\"nfs/blocklayout: Reparar la anulación prematura del registro de una clave PR\"), un desmontaje de un NFS con diseño SCSI habilitado pNFS puede anular la referencia de un block_device NULL en: bl_unregister_scsi+0x16/0xe0 [blocklayoutdriver] bl_free_device+0x70/0x80 [blocklayoutdriver] bl_free_deviceid_node+0x12/0x30 [blocklayoutdriver] nfs4_put_deviceid_node+0x60/0xc0 [nfsv4] nfs4_deviceid_purge_client+0x132/0x190 [nfsv4] Esto sucede porque, aunque pudimos crear el nfs4_deviceid_node, la búsqueda del dispositivo no pudo adjuntar el dispositivo de bloque a pnfs_block_dev. Si nunca encontramos un dispositivo de bloque para registrar, podemos evitar este caso con el indicador PNFS_BDEV_REGISTERED. Mueva el desreferenciador detrás de la prueba para el indicador."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.11","versionEndExcluding":"6.11.11","matchCriteriaId":"07BE5DA1-4C04-4052-9B58-6EDE15469D65"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12","versionEndExcluding":"6.12.2","matchCriteriaId":"D8882B1B-2ABC-4838-AC1D-DBDBB5764776"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3402704a424f34bbcca7f4a4503859357f422217","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3a4ce14d9a6b868e0787e4582420b721c04ee41e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/faa4bacfaeed827a4ca8cb8529a3ce65a9e8ef46","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}