CVE-2024-35821
ubifs: Set page uptodate in the correct place
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
ubifs: Set page uptodate in the correct place
Page cache reads are lockless, so setting the freshly allocated page
uptodate before we've overwritten it with the data it's supposed to have
in it will allow a simultaneous reader to see old data. Move the call
to SetPageUptodate into ubifs_write_end(), which is after we copied the
new data into the page.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ubifs: establece la actualización de la página en el lugar correcto. Las lecturas de la caché de la página no tienen bloqueo, por lo que configurar la actualización de la página recién asignada antes de que la sobrescribamos con los datos que se supone que debe contener lo hará. permitir que un lector simultáneo vea datos antiguos. Mueva la llamada a SetPageUptodate a ubifs_write_end(), que es después de que copiamos los nuevos datos en la página.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2024-05-17 CVE Reserved
- 2024-05-17 CVE Published
- 2024-05-18 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-772: Missing Release of Resource after Effective Lifetime
CAPEC
References (12)
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.27 < 4.19.312 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.27 < 4.19.312" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.27 < 5.4.274 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.27 < 5.4.274" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.27 < 5.10.215 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.27 < 5.10.215" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.27 < 5.15.154 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.27 < 5.15.154" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.27 < 6.1.84 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.27 < 6.1.84" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.27 < 6.6.24 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.27 < 6.6.24" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.27 < 6.7.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.27 < 6.7.12" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.27 < 6.8.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.27 < 6.8.3" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.27 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.27 < 6.9" | en |
Affected
|