CVE-2024-50116

nilfs2: fix kernel bug due to missing clearing of buffer delay flag

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix kernel bug due to missing clearing of buffer delay flag

Syzbot reported that after nilfs2 reads a corrupted file system image
and degrades to read-only, the BUG_ON check for the buffer delay flag
in submit_bh_wbc() may fail, causing a kernel bug.

This is because the buffer delay flag is not cleared when clearing the
buffer state flags to discard a page/folio or a buffer head. So, fix
this.

This became necessary when the use of nilfs2's own page clear routine
was expanded. This state inconsistency does not occur if the buffer
is written normally by log writing.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nilfs2: se corrige un error del kernel debido a la falta de limpieza del indicador de retraso del búfer Syzbot informó que después de que nilfs2 lee una imagen de sistema de archivos corrupta y se degrada a solo lectura, la comprobación BUG_ON para el indicador de retraso del búfer en submission_bh_wbc() puede fallar, lo que provoca un error del kernel. Esto se debe a que el indicador de retraso del búfer no se borra al borrar los indicadores de estado del búfer para descartar una página/folio o un encabezado de búfer. Por lo tanto, solucione esto. Esto se volvió necesario cuando se expandió el uso de la propia rutina de limpieza de páginas de nilfs2. Esta inconsistencia de estado no ocurre si el búfer se escribe normalmente mediante la escritura de registro.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-10-21 CVE Reserved
2024-11-05 CVE Published
2024-11-05 CVE Updated
2024-11-06 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (6)

URL	Tag	Source
https://git.kernel.org/stable/c/8c26c4e2694a163d525976e804d81cd955bbb40c	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/822203f6355f4b322d21e7115419f6b98284be25	2024-11-01
https://git.kernel.org/stable/c/27524f65621f490184f2ace44cd8e5f3685af4a3	2024-11-01
https://git.kernel.org/stable/c/743c78d455e784097011ea958b27396001181567	2024-11-01
https://git.kernel.org/stable/c/c6f58ff2d4c552927fe9a187774e668ebba6c7aa	2024-11-01
https://git.kernel.org/stable/c/6ed469df0bfbef3e4b44fca954a781919db9f7ab	2024-10-16

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.10 < 5.15.170 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.10 < 5.15.170"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.10 < 6.1.115 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.10 < 6.1.115"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.10 < 6.6.59 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.10 < 6.6.59"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.10 < 6.11.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.10 < 6.11.6"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.10 < 6.12-rc5 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.10 < 6.12-rc5"		en		Affected