7.8

CVE-2024-50230

nilfs2: fix kernel bug due to missing clearing of checked flag

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix kernel bug due to missing clearing of checked flag

Syzbot reported that in directory operations after nilfs2 detects
filesystem corruption and degrades to read-only,
__block_write_begin_int(), which is called to prepare block writes, may
fail the BUG_ON check for accesses exceeding the folio/page size,
triggering a kernel bug.

This was found to be because the "checked" flag of a page/folio was not
cleared when it was discarded by nilfs2's own routine, which causes the
sanity check of directory entries to be skipped when the directory
page/folio is reloaded.  So, fix that.

This was necessary when the use of nilfs2's own page discard routine was
applied to more than just metadata files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.10 < 4.19.323
LinuxLinux Kernel Version >= 4.20 < 5.4.285
LinuxLinux Kernel Version >= 5.5 < 5.10.229
LinuxLinux Kernel Version >= 5.11 < 5.15.171
LinuxLinux Kernel Version >= 5.16 < 6.1.116
LinuxLinux Kernel Version >= 6.2 < 6.6.60
LinuxLinux Kernel Version >= 6.7 < 6.11.7
LinuxLinux Kernel Version6.12 Updaterc1
LinuxLinux Kernel Version6.12 Updaterc2
LinuxLinux Kernel Version6.12 Updaterc3
LinuxLinux Kernel Version6.12 Updaterc4
LinuxLinux Kernel Version6.12 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.27% 0.183
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/41e192ad2779cae0102879612dfe46726e4396aa
Patch
https://git.kernel.org/stable/c/56c6171932a7fb267ac6cb4ff8759b93ee1d0e2e
Patch
https://git.kernel.org/stable/c/64afad73e4623308d8943645e5631f2c7a2d7971
Patch
https://git.kernel.org/stable/c/994b2fa13a6c9cf3feca93090a9c337d48e3d60d
Patch
https://git.kernel.org/stable/c/aa0cee46c5d3fd9a39575a4c8a4f65f25f095b89
Patch
https://git.kernel.org/stable/c/cd0cdb51b15203fa27d4b714be83b7dfffa0b752
Patch
https://git.kernel.org/stable/c/f05dbebb8ee34882505d53d83af7d18f28a49248
Patch
https://git.kernel.org/stable/c/f2f1fa446676c21edb777e6d2bc4fa8f956fab68
Patch
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html