CVE-2024-46781

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix missing cleanup on rollforward recovery error In an error injection test of a routine for mount-time recovery, KASAN found a use-after-free bug. It turned out that if data recovery was performed using partial logs created by dsync writes, but an error occurred before starting the log writer to create a recovered checkpoint, the inodes whose data had been recovered were left in the ns_dirty_files list of the nilfs object and were not freed. Fix this issue by cleaning up inodes that have read the recovery data if the recovery routine fails midway before the log writer starts.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc6:*:*:*:*:*:*

History

23 Sep 2024, 16:37

Type Values Removed Values Added
First Time Linux linux Kernel
Linux
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CWE CWE-416
References () https://git.kernel.org/stable/c/07e4dc2fe000ab008bcfe90be4324ef56b5b4355 - () https://git.kernel.org/stable/c/07e4dc2fe000ab008bcfe90be4324ef56b5b4355 - Patch
References () https://git.kernel.org/stable/c/1cf1f7e8cd47244fa947d357ef1f642d91e219a3 - () https://git.kernel.org/stable/c/1cf1f7e8cd47244fa947d357ef1f642d91e219a3 - Patch
References () https://git.kernel.org/stable/c/35a9a7a7d94662146396199b0cfd95f9517cdd14 - () https://git.kernel.org/stable/c/35a9a7a7d94662146396199b0cfd95f9517cdd14 - Patch
References () https://git.kernel.org/stable/c/5787fcaab9eb5930f5378d6a1dd03d916d146622 - () https://git.kernel.org/stable/c/5787fcaab9eb5930f5378d6a1dd03d916d146622 - Patch
References () https://git.kernel.org/stable/c/8e2d1e9d93c4ec51354229361ac3373058529ec4 - () https://git.kernel.org/stable/c/8e2d1e9d93c4ec51354229361ac3373058529ec4 - Patch
References () https://git.kernel.org/stable/c/9d8c3a585d564d776ee60d4aabec59b404be7403 - () https://git.kernel.org/stable/c/9d8c3a585d564d776ee60d4aabec59b404be7403 - Patch
References () https://git.kernel.org/stable/c/ca92c4bff2833cb30d493b935168d6cccd5c805d - () https://git.kernel.org/stable/c/ca92c4bff2833cb30d493b935168d6cccd5c805d - Patch
References () https://git.kernel.org/stable/c/da02f9eb333333b2e4f25d2a14967cff785ac82e - () https://git.kernel.org/stable/c/da02f9eb333333b2e4f25d2a14967cff785ac82e - Patch
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc6:*:*:*:*:*:*

20 Sep 2024, 12:30

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nilfs2: se corrige el error de limpieza faltante en la recuperación de avance En una prueba de inyección de errores de una rutina para la recuperación en tiempo de montaje, KASAN encontró un error de use after free. Resultó que si la recuperación de datos se realizaba utilizando registros parciales creados por escrituras dsync, pero se producía un error antes de iniciar el escritor de registros para crear un punto de control recuperado, los inodos cuyos datos se habían recuperado se dejaban en la lista ns_dirty_files del objeto nilfs y no se liberaban. Solucione este problema limpiando los inodos que han leído los datos de recuperación si la rutina de recuperación falla a mitad de camino antes de que se inicie el escritor de registros.

18 Sep 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-18 08:15

Updated : 2024-09-23 16:37


NVD link : CVE-2024-46781

Mitre link : CVE-2024-46781

CVE.ORG link : CVE-2024-46781


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-416

Use After Free