7.1

CVE-2024-39469

nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors

The error handling in nilfs_empty_dir() when a directory folio/page read
fails is incorrect, as in the old ext2 implementation, and if the
folio/page cannot be read or nilfs_check_folio() fails, it will falsely
determine the directory as empty and corrupt the file system.

In addition, since nilfs_empty_dir() does not immediately return on a
failed folio/page read, but continues to loop, this can cause a long loop
with I/O if i_size of the directory's inode is also corrupted, causing the
log writer thread to wait and hang, as reported by syzbot.

Fix these issues by making nilfs_empty_dir() immediately return a false
value (0) if it fails to get a directory folio/page.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.30 < 4.19.317
LinuxLinux Kernel Version >= 4.20 < 5.4.279
LinuxLinux Kernel Version >= 5.5 < 5.10.221
LinuxLinux Kernel Version >= 5.11 < 5.15.162
LinuxLinux Kernel Version >= 5.16 < 6.1.95
LinuxLinux Kernel Version >= 6.2 < 6.6.35
LinuxLinux Kernel Version >= 6.7 < 6.9.5
LinuxLinux Kernel Version6.10 Updaterc1
LinuxLinux Kernel Version6.10 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.157
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/11a2edb70356a2202dcb7c9c189c8356ab4752cd
Patch
https://git.kernel.org/stable/c/129dcd3e7d036218db3f59c82d82004b9539ed82
Patch
https://git.kernel.org/stable/c/2ac8a2fe22bdde9eecce2a42cf5cab79333fb428
Patch
https://git.kernel.org/stable/c/405b71f1251e5ae865f53bd27c45114e6c83bee3
Patch
https://git.kernel.org/stable/c/59f14875a96ef93f05b82ad3c980605f2cb444b5
Patch
https://git.kernel.org/stable/c/7373a51e7998b508af7136530f3a997b286ce81c
Patch
https://git.kernel.org/stable/c/c77ad608df6c091fe64ecb91f41ef7cb465587f1
Patch
https://git.kernel.org/stable/c/d18b05eda7fa77f02114f15b02c009f28ee42346
Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html