{"id":"CVE-2024-56549","summary":"cachefiles: Fix NULL pointer dereference in object-\u003efile","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: Fix NULL pointer dereference in object-\u003efile\n\nAt present, the object-\u003efile has the NULL pointer dereference problem in\nondemand-mode. The root cause is that the allocated fd and object-\u003efile\nlifetime are inconsistent, and the user-space invocation to anon_fd uses\nobject-\u003efile. Following is the process that triggers the issue:\n\n\t  [write fd]\t\t\t\t[umount]\ncachefiles_ondemand_fd_write_iter\n\t\t\t\t       fscache_cookie_state_machine\n\t\t\t\t\t cachefiles_withdraw_cookie\n  if (!file) return -ENOBUFS\n\t\t\t\t\t   cachefiles_clean_up_object\n\t\t\t\t\t     cachefiles_unmark_inode_in_use\n\t\t\t\t\t     fput(object-\u003efile)\n\t\t\t\t\t     object-\u003efile = NULL\n  // file NULL pointer dereference!\n  __cachefiles_write(..., file, ...)\n\nFix this issue by add an additional reference count to the object-\u003efile\nbefore write/llseek, and decrement after it finished.","modified":"2026-04-02T12:24:38.144540Z","published":"2024-12-27T14:11:30.336Z","related":["SUSE-SU-2025:0117-1","SUSE-SU-2025:0153-1","SUSE-SU-2025:0154-1","SUSE-SU-2025:0201-1","SUSE-SU-2025:0201-2","SUSE-SU-2025:0229-1","SUSE-SU-2025:0289-1","SUSE-SU-2025:20165-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20248-1","SUSE-SU-2025:20249-1","USN-7276-1","USN-7277-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56549.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/31ad74b20227ce6b40910ff78b1c604e42975cf1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/785408bbafcfa24c9fc5b251f03fd0780ce182bd"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9582c7664103c9043e80a78f5c382aa6bdd67418"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d6bba3ece960129a553d4b16f1b00c884dc0993a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f98770440c9bc468e2fd878212ec9526dbe08293"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56549.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56549"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c8383054506c77b814489c09877b5db83fd4abf2"},{"fixed":"d6bba3ece960129a553d4b16f1b00c884dc0993a"},{"fixed":"785408bbafcfa24c9fc5b251f03fd0780ce182bd"},{"fixed":"f98770440c9bc468e2fd878212ec9526dbe08293"},{"fixed":"9582c7664103c9043e80a78f5c382aa6bdd67418"},{"fixed":"31ad74b20227ce6b40910ff78b1c604e42975cf1"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-56549.json"}}],"schema_version":"1.7.5"}