{"dataType":"CVE_RECORD","cveMetadata":{"cveId":"CVE-2024-26878","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-02-19T14:20:24.185Z","datePublished":"2024-04-17T10:27:35.838Z","dateUpdated":"2026-05-12T11:49:56.835Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T20:06:00.874Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nquota: Fix potential NULL pointer dereference\n\nBelow race may cause NULL pointer dereference\n\nP1\t\t\t\t\tP2\ndquot_free_inode\t\t\tquota_off\n\t\t\t\t\t  drop_dquot_ref\n\t\t\t\t\t   remove_dquot_ref\n\t\t\t\t\t   dquots = i_dquot(inode)\n  dquots = i_dquot(inode)\n  srcu_read_lock\n  dquots[cnt]) != NULL (1)\n\t\t\t\t\t     dquots[type] = NULL (2)\n  spin_lock(&dquots[cnt]->dq_dqb_lock) (3)\n   ....\n\nIf dquot_free_inode(or other routines) checks inode's quota pointers (1)\nbefore quota_off sets it to NULL(2) and use it (3) after that, NULL pointer\ndereference will be triggered.\n\nSo let's fix it by using a temporary pointer to avoid this issue."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/quota/dquot.c"],"versions":[{"version":"7b9ca4c61bc278b771fb57d6290a31ab1fc7fdac","lessThan":"8514899c1a4edf802f03c408db901063aa3f05a1","status":"affected","versionType":"git"},{"version":"7b9ca4c61bc278b771fb57d6290a31ab1fc7fdac","lessThan":"49669f8e7eb053f91d239df7b1bfb4500255a9d0","status":"affected","versionType":"git"},{"version":"7b9ca4c61bc278b771fb57d6290a31ab1fc7fdac","lessThan":"61380537aa6dd32d8a723d98b8f1bd1b11d8fee0","status":"affected","versionType":"git"},{"version":"7b9ca4c61bc278b771fb57d6290a31ab1fc7fdac","lessThan":"1ca72a3de915f87232c9a4cb9bebbd3af8ed3e25","status":"affected","versionType":"git"},{"version":"7b9ca4c61bc278b771fb57d6290a31ab1fc7fdac","lessThan":"7f9e833fc0f9b47be503af012eb5903086939754","status":"affected","versionType":"git"},{"version":"7b9ca4c61bc278b771fb57d6290a31ab1fc7fdac","lessThan":"40a673b4b07efd6f74ff3ab60f38b26aa91ee5d5","status":"affected","versionType":"git"},{"version":"7b9ca4c61bc278b771fb57d6290a31ab1fc7fdac","lessThan":"f2649d98aa9ca8623149b3cb8df00c944f5655c7","status":"affected","versionType":"git"},{"version":"7b9ca4c61bc278b771fb57d6290a31ab1fc7fdac","lessThan":"6afc9f4434fa8063aa768c2bf5bf98583aee0877","status":"affected","versionType":"git"},{"version":"7b9ca4c61bc278b771fb57d6290a31ab1fc7fdac","lessThan":"d0aa72604fbd80c8aabb46eda00535ed35570f1f","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/quota/dquot.c"],"versions":[{"version":"4.14","status":"affected"},{"version":"0","lessThan":"4.14","status":"unaffected","versionType":"semver"},{"version":"4.19.311","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.273","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.214","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.153","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.83","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.23","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.7.11","lessThanOrEqual":"6.7.*","status":"unaffected","versionType":"semver"},{"version":"6.8.2","lessThanOrEqual":"6.8.*","status":"unaffected","versionType":"semver"},{"version":"6.9","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"4.19.311"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.4.273"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.10.214"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.15.153"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.1.83"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.6.23"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.7.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.8.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/8514899c1a4edf802f03c408db901063aa3f05a1"},{"url":"https://git.kernel.org/stable/c/49669f8e7eb053f91d239df7b1bfb4500255a9d0"},{"url":"https://git.kernel.org/stable/c/61380537aa6dd32d8a723d98b8f1bd1b11d8fee0"},{"url":"https://git.kernel.org/stable/c/1ca72a3de915f87232c9a4cb9bebbd3af8ed3e25"},{"url":"https://git.kernel.org/stable/c/7f9e833fc0f9b47be503af012eb5903086939754"},{"url":"https://git.kernel.org/stable/c/40a673b4b07efd6f74ff3ab60f38b26aa91ee5d5"},{"url":"https://git.kernel.org/stable/c/f2649d98aa9ca8623149b3cb8df00c944f5655c7"},{"url":"https://git.kernel.org/stable/c/6afc9f4434fa8063aa768c2bf5bf98583aee0877"},{"url":"https://git.kernel.org/stable/c/d0aa72604fbd80c8aabb46eda00535ed35570f1f"}],"title":"quota: Fix potential NULL pointer dereference","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T00:21:04.234Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/8514899c1a4edf802f03c408db901063aa3f05a1","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/49669f8e7eb053f91d239df7b1bfb4500255a9d0","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/61380537aa6dd32d8a723d98b8f1bd1b11d8fee0","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/1ca72a3de915f87232c9a4cb9bebbd3af8ed3e25","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/7f9e833fc0f9b47be503af012eb5903086939754","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/40a673b4b07efd6f74ff3ab60f38b26aa91ee5d5","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/f2649d98aa9ca8623149b3cb8df00c944f5655c7","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/6afc9f4434fa8063aa768c2bf5bf98583aee0877","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/d0aa72604fbd80c8aabb46eda00535ed35570f1f","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-26878","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-09-10T15:48:25.754517Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-11T17:33:25.716Z"}},{"x_adpType":"supplier","providerMetadata":{"orgId":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","shortName":"siemens-SADP","dateUpdated":"2026-05-12T11:49:56.835Z"},"affected":[{"vendor":"Siemens","product":"SIMATIC S7-1500 TM MFP - GNU/Linux subsystem","versions":[{"status":"affected","version":"0","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.0","lessThan":"V3.1.5","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.0","lessThan":"V3.1.5","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.0","lessThan":"V3.1.5","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.0","lessThan":"V3.1.5","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.0","lessThan":"V3.1.5","versionType":"custom"}],"defaultStatus":"unknown"}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-398330.html"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html"}]}]},"dataVersion":"5.2"}