CVE-2024-58092

Advisory lineage Upstream: 0 Downstream: 16

Downstream

DEBIAN-CVE-2024-58092 UBUNTU-CVE-2024-58092 USN-7605-1 USN-7605-2 USN-7606-1 USN-7628-1

Analyzed

Published: 16 Apr 2025, 10:24

Last modified:11 May 2026, 21:03

Vulnerability Summary

Overall Risk (default)

low

22/100

CVSS Score

5.5 MEDIUM

v3.1 (nvd)

EPSS Score

0.03% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

16 Apr 2025, 10:24

Published

Vulnerability first disclosed

11 May 2026, 21:03

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix legacy client tracking initialization Get rid of the nfsd4_legacy_tracking_ops->init() call in check_for_legacy_methods(). That will be handled in the caller (nfsd4_client_tracking_init()). Otherwise, we'll wind up calling nfsd4_legacy_tracking_ops->init() twice, and the second time we'll trigger the BUG_ON() in nfsd4_init_recdir().

CVSS Metrics

v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.03%• Percentile: 8%

Affected Systems

linux•linux
≥ 74fd48739d0488e39ae18b0168720f449a06690c, < 95407304253a4bf03494d921c6913e220c26cc63 | ≥ 74fd48739d0488e39ae18b0168720f449a06690c, < cdd66082b227eb695cbf54b7c121ea032e869981 | ≥ 74fd48739d0488e39ae18b0168720f449a06690c, < de71d4e211eddb670b285a0ea477a299601ce1ca | 6.8
linux•linux_kernel
≥ 6.8, < 6.12.22 | ≥ 6.13, < 6.13.10