CVE-2024-50010

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> exec: don&amp;#39;t WARN for racy path_noexec check<br /> <br /> Both i_mode and noexec checks wrapped in WARN_ON stem from an artifact<br /> of the previous implementation. They used to legitimately check for the<br /> condition, but that got moved up in two commits:<br /> 633fb6ac3980 ("exec: move S_ISREG() check earlier")<br /> 0fd338b2d2cd ("exec: move path_noexec() check earlier")<br /> <br /> Instead of being removed said checks are WARN_ON&amp;#39;ed instead, which<br /> has some debug value.<br /> <br /> However, the spurious path_noexec check is racy, resulting in<br /> unwarranted warnings should someone race with setting the noexec flag.<br /> <br /> One can note there is more to perm-checking whether execve is allowed<br /> and none of the conditions are guaranteed to still hold after they were<br /> tested for.<br /> <br /> Additionally this does not validate whether the code path did any perm<br /> checking to begin with -- it will pass if the inode happens to be<br /> regular.<br /> <br /> Keep the redundant path_noexec() check even though it&amp;#39;s mindless<br /> nonsense checking for guarantee that isn&amp;#39;t given so drop the WARN.<br /> <br /> Reword the commentary and do small tidy ups while here.<br /> <br /> [brauner: keep redundant path_noexec() check]