5.5

CVE-2024-26773

EPSS 0.01%
Published 03.04.2024 17:15:53
Last modified 18.03.2025 16:47:14
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()

Determine if the group block bitmap is corrupted before using ac_b_ex in
ext4_mb_try_best_found() to avoid allocating blocks from a group with a
corrupted block bitmap in the following concurrency and making the
situation worse.

ext4_mb_regular_allocator
  ext4_lock_group(sb, group)
  ext4_mb_good_group
   // check if the group bbitmap is corrupted
  ext4_mb_complex_scan_group
   // Scan group gets ac_b_ex but doesn't use it
  ext4_unlock_group(sb, group)
                           ext4_mark_group_bitmap_corrupted(group)
                           // The block bitmap was corrupted during
                           // the group unlock gap.
  ext4_mb_try_best_found
    ext4_lock_group(ac->ac_sb, group)
    ext4_mb_use_best_found
      mb_mark_used
      // Allocating blocks in block bitmap corrupted group

Affected products Warnungen 0 Metrics 2 CWE 0 References 13

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 4.19.308

Linux ≫ Linux Kernel Version >= 4.20 < 5.4.270

Linux ≫ Linux Kernel Version >= 5.5 < 5.10.211

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.150

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.80

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.19

Linux ≫ Linux Kernel Version >= 6.7 < 6.7.7

Linux ≫ Linux Kernel Version6.8 Updaterc1

Linux ≫ Linux Kernel Version6.8 Updaterc2

Debian ≫ Debian Linux Version10.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.01%	0.009

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Mailing List

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Mailing List

https://git.kernel.org/stable/c/0184747b552d6b5a14db3b7fcc3b792ce64dedd1

Patch

https://git.kernel.org/stable/c/21f8cfe79f776287459343e9cfa6055af61328ea

Patch

https://git.kernel.org/stable/c/260fc96283c0f594de18a1b045faf6d8fb42874d

Patch

https://git.kernel.org/stable/c/4530b3660d396a646aad91a787b6ab37cf604b53

Patch

https://git.kernel.org/stable/c/4c21fa60a6f4606f6214a38f50612b17b2f738f5

Patch

https://git.kernel.org/stable/c/927794a02169778c9c2e7b25c768ab3ea8c1dc03

Patch

https://git.kernel.org/stable/c/a2576ae9a35c078e488f2c573e9e6821d651fbbe

Patch

https://git.kernel.org/stable/c/f97e75fa4e12b0aa0224e83fcbda8853ac2adf36

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-26773

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-26773

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-26773

EUVD