CVE-2024-26955

nilfs2: prevent kernel bug at submit_bh_wbc()

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: prevent kernel bug at submit_bh_wbc()

Fix a bug where nilfs_get_block() returns a successful status when
searching and inserting the specified block both fail inconsistently. If
this inconsistent behavior is not due to a previously fixed bug, then an
unexpected race is occurring, so return a temporary error -EAGAIN instead.

This prevents callers such as __block_write_begin_int() from requesting a
read into a buffer that is not mapped, which would cause the BUG_ON check
for the BH_Mapped flag in submit_bh_wbc() to fail.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: nilfs2: previene el error del kernel en submit_bh_wbc(). Se corrige un error por el cual nilfs_get_block() devuelve un estado exitoso cuando la búsqueda y la inserción del bloque especificado fallan de manera inconsistente. Si este comportamiento inconsistente no se debe a un error solucionado previamente, entonces se está produciendo una ejecución inesperada, por lo que se devuelve un error temporal -EAGAIN. Esto evita que llamadores como __block_write_begin_int() soliciten una lectura en un búfer que no está asignado, lo que provocaría que falle la verificación BUG_ON del indicador BH_Mapped en submit_bh_wbc().

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-19 CVE Reserved
2024-05-01 CVE Published
2024-05-01 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (12)

URL	Tag	Source
https://git.kernel.org/stable/c/1f5abe7e7dbcd83e73212c6cb135a6106cea6a0b	Vuln. Introduced
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/91e4c4595fae5e87069e44687ae879091783c183	2024-04-13
https://git.kernel.org/stable/c/32eaee72e96590a75445c8a6c7c1057673b47e07	2024-04-13
https://git.kernel.org/stable/c/f0fe7ad5aff4f0fcf988913313c497de85f1e186	2024-04-13
https://git.kernel.org/stable/c/ca581d237f3b8539c044205bb003de71d75d227c	2024-04-10
https://git.kernel.org/stable/c/192e9f9078c96be30b31c4b44d6294b24520fce5	2024-04-03
https://git.kernel.org/stable/c/0c8aa4cfda4e4adb15d5b6536d155eca9c9cd44c	2024-04-03
https://git.kernel.org/stable/c/48d443d200237782dc82e6b60663ec414ef02e39	2024-04-03
https://git.kernel.org/stable/c/76ffbe911e2798c7296968f5fd72f7bf67207a8d	2024-04-03
https://git.kernel.org/stable/c/269cdf353b5bdd15f1a079671b0f889113865f20	2024-03-14

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 4.19.312 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 4.19.312"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 5.4.274 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 5.4.274"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 5.10.215 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 5.10.215"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 5.15.154 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 5.15.154"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 6.1.84 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 6.1.84"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 6.6.24 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 6.6.24"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 6.7.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 6.7.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 6.8.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 6.8.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 6.9"		en		Affected