5.5

CVE-2024-47740

EPSS 0.04%
Published 21.10.2024 13:15:04
Last modified 03.11.2025 23:16:21
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

f2fs: Require FMODE_WRITE for atomic write ioctls

The F2FS ioctls for starting and committing atomic writes check for
inode_owner_or_capable(), but this does not give LSMs like SELinux or
Landlock an opportunity to deny the write access - if the caller's FSUID
matches the inode's UID, inode_owner_or_capable() immediately returns true.

There are scenarios where LSMs want to deny a process the ability to write
particular files, even files that the FSUID of the process owns; but this
can currently partially be bypassed using atomic write ioctls in two ways:

 - F2FS_IOC_START_ATOMIC_REPLACE + F2FS_IOC_COMMIT_ATOMIC_WRITE can
   truncate an inode to size 0
 - F2FS_IOC_START_ATOMIC_WRITE + F2FS_IOC_ABORT_ATOMIC_WRITE can revert
   changes another process concurrently made to a file

Fix it by requiring FMODE_WRITE for these operations, just like for
F2FS_IOC_MOVE_RANGE. Since any legitimate caller should only be using these
ioctls when intending to write into the file, that seems unlikely to break
anything.

Affected products Warnungen 0 Metrics 2 CWE 0 References 14

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 3.18 < 4.19.323

Linux ≫ Linux Kernel Version >= 4.20 < 5.4.285

Linux ≫ Linux Kernel Version >= 5.5 < 5.10.227

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.168

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.113

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.54

Linux ≫ Linux Kernel Version >= 6.7 < 6.10.13

Linux ≫ Linux Kernel Version >= 6.11 < 6.11.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.128

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

https://git.kernel.org/stable/c/000bab8753ae29a259feb339b99ee759795a48ac

Patch

https://git.kernel.org/stable/c/32f348ecc149e9ca70a1c424ae8fa9b6919d2713

Patch

https://git.kernel.org/stable/c/4583290898c13c2c2e5eb8773886d153c2c5121d

Patch

https://git.kernel.org/stable/c/4ce87674c3a6b4d3b3d45f85b584ab8618a3cece

Patch

https://git.kernel.org/stable/c/4f5a100f87f32cb65d4bb1ad282a08c92f6f591e

Patch

https://git.kernel.org/stable/c/5e0de753bfe87768ebe6744d869caa92f35e5731

Patch

https://git.kernel.org/stable/c/700f3a7c7fa5764c9f24bbf7c78e0b6e479fa653

Patch

https://git.kernel.org/stable/c/88ff021e1fea2d9b40b2d5efd9013c89f7be04ac

Patch

https://git.kernel.org/stable/c/f3bfac2cabf5333506b263bc0c8497c95302f32d

Patch

https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

https://nvd.nist.gov/vuln/detail/CVE-2024-47740

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-47740

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-47740

EUVD