CVE-2024-50230
Severity CVSS v4.0:
Pending analysis
Type:
CWE-787
Out-of-bounds Write
Publication date:
09/11/2024
Last modified:
03/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
nilfs2: fix kernel bug due to missing clearing of checked flag<br />
<br />
Syzbot reported that in directory operations after nilfs2 detects<br />
filesystem corruption and degrades to read-only,<br />
__block_write_begin_int(), which is called to prepare block writes, may<br />
fail the BUG_ON check for accesses exceeding the folio/page size,<br />
triggering a kernel bug.<br />
<br />
This was found to be because the "checked" flag of a page/folio was not<br />
cleared when it was discarded by nilfs2&#39;s own routine, which causes the<br />
sanity check of directory entries to be skipped when the directory<br />
page/folio is reloaded. So, fix that.<br />
<br />
This was necessary when the use of nilfs2&#39;s own page discard routine was<br />
applied to more than just metadata files.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 3.10 (including) | 4.19.323 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.285 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.229 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.171 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.116 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.60 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.11.7 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/41e192ad2779cae0102879612dfe46726e4396aa
- https://git.kernel.org/stable/c/56c6171932a7fb267ac6cb4ff8759b93ee1d0e2e
- https://git.kernel.org/stable/c/64afad73e4623308d8943645e5631f2c7a2d7971
- https://git.kernel.org/stable/c/994b2fa13a6c9cf3feca93090a9c337d48e3d60d
- https://git.kernel.org/stable/c/aa0cee46c5d3fd9a39575a4c8a4f65f25f095b89
- https://git.kernel.org/stable/c/cd0cdb51b15203fa27d4b714be83b7dfffa0b752
- https://git.kernel.org/stable/c/f05dbebb8ee34882505d53d83af7d18f28a49248
- https://git.kernel.org/stable/c/f2f1fa446676c21edb777e6d2bc4fa8f956fab68
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html