CVE-2024-49965

ocfs2: remove unreasonable unlock in ocfs2_read_blocks

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

ocfs2: remove unreasonable unlock in ocfs2_read_blocks

Patch series "Misc fixes for ocfs2_read_blocks", v5.

This series contains 2 fixes for ocfs2_read_blocks(). The first patch fix
the issue reported by syzbot, which detects bad unlock balance in
ocfs2_read_blocks(). The second patch fixes an issue reported by Heming
Zhao when reviewing above fix.

This patch (of 2):

There was a lock release before exiting, so remove the unreasonable unlock.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-10-21 CVE Reserved
2024-10-21 CVE Published
2024-11-08 EPSS Updated
2024-11-19 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (14)

URL	Tag	Source
https://git.kernel.org/stable/c/6c150df9c2e80b5cf86f5a0d98beb7390ad63bfc	Vuln. Introduced
https://git.kernel.org/stable/c/cf76c78595ca87548ca5e45c862ac9e0949c4687	Vuln. Introduced
https://git.kernel.org/stable/c/01f93d5e36753fc4d06ec67f05ce78c9c6f2dd56	Vuln. Introduced
https://git.kernel.org/stable/c/65cbd1279f4b999d56a838344a30642db24cd215	Vuln. Introduced
https://git.kernel.org/stable/c/97e1db17bc1ef4c2e1789bc9323c7be44fba53f8	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/5245f109b4afb6595360d4c180d483a6d2009a59	2024-11-08
https://git.kernel.org/stable/c/9753bcb17b36c9add9b32c61766ddf8d2d161911	2024-11-08
https://git.kernel.org/stable/c/3f1ca6ba5452d53c598a45d21267a2c0c221eef3	2024-10-17
https://git.kernel.org/stable/c/f55a33fe0fb5274ef185fd61947cf142138958af	2024-10-17
https://git.kernel.org/stable/c/81aba693b129e82e11bb54f569504d943d018de9	2024-10-17
https://git.kernel.org/stable/c/84543da867c967edffd5065fa910ebf56aaae49d	2024-10-10
https://git.kernel.org/stable/c/df4f20fc3673cee11abf2c571987a95733cb638d	2024-10-10
https://git.kernel.org/stable/c/39a88623af3f1c686bf6db1e677ed865ffe6fccc	2024-10-10
https://git.kernel.org/stable/c/c03a82b4a0c935774afa01fd6d128b444fd930a1	2024-09-09

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19.87 < 4.19.323 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19.87 < 4.19.323"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 5.4.285 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.4.285"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 5.10.227 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.10.227"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 5.15.168 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.15.168"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.1.113 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.1.113"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.6.55 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.6.55"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.10.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.10.14"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.11.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.11.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.4.204 Search vendor "Linux" for product "Linux Kernel" and version "4.4.204"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.9.204 Search vendor "Linux" for product "Linux Kernel" and version "4.9.204"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.14.157 Search vendor "Linux" for product "Linux Kernel" and version "4.14.157"		en		Affected