Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2024-35821

HIGH
Published 2024-05-17T13:23:24.350Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-35821. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
7.5
/10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14
0.003
probability
of exploitation in the wild

There is a 0.3% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25
Exploit Probability
Percentile: 0.490
Higher than 49.0% of all CVEs

Attack Vector Metrics

Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED

Impact Metrics

Confidentiality
NONE
Integrity
HIGH
Availability
NONE

Description

In the Linux kernel, the following vulnerability has been resolved:

ubifs: Set page uptodate in the correct place

Page cache reads are lockless, so setting the freshly allocated page
uptodate before we've overwritten it with the data it's supposed to have
in it will allow a simultaneous reader to see old data. Move the call
to SetPageUptodate into ubifs_write_end(), which is after we copied the
new data into the page.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Linux

Affected Versions:

1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d
Linux

Linux

Affected Versions:

2.6.27 0 4.19.312 5.4.274 5.10.215 5.15.154 6.1.84 6.6.24 6.7.12 6.8.3 6.9
linux

linux_kernel

Affected Versions:

1e51764a3c2a
linux

linux_kernel

Affected Versions:

1e51764a3c2a
linux

linux_kernel

Affected Versions:

1e51764a3c2a
linux

linux_kernel

Affected Versions:

1e51764a3c2a
linux

linux_kernel

Affected Versions:

1e51764a3c2a
linux

linux_kernel

Affected Versions:

1e51764a3c2a
linux

linux_kernel

Affected Versions:

1e51764a3c2a
linux

linux_kernel

Affected Versions:

1e51764a3c2a
linux

linux_kernel

Affected Versions:

1e51764a3c2a
linux

linux_kernel

Affected Versions:

2.6.27
linux

linux_kernel

Affected Versions:

0
linux

linux_kernel

Affected Versions:

4.19.312
linux

linux_kernel

Affected Versions:

5.4.274
linux

linux_kernel

Affected Versions:

5.10.215
linux

linux_kernel

Affected Versions:

5.15.154
linux

linux_kernel

Affected Versions:

6.1.84
linux

linux_kernel

Affected Versions:

6.6.24
linux

linux_kernel

Affected Versions:

6.7.12
linux

linux_kernel

Affected Versions:

6.8.3
linux

linux_kernel

Affected Versions:

6.9

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-vf5r-hx7h-7rvc

Advisory Details

In the Linux kernel, the following vulnerability has been resolved: ubifs: Set page uptodate in the correct place Page cache reads are lockless, so setting the freshly allocated page uptodate before we've overwritten it with the data it's supposed to have in it will allow a simultaneous reader to see old data. Move the call to SetPageUptodate into ubifs_write_end(), which is after we copied the new data into the page.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-35821
WEB https://git.kernel.org/stable/c/142d87c958d9454c3cffa625fab56f3016e8f9f3
WEB https://git.kernel.org/stable/c/17772bbe9cfa972ea1ff827319f6e1340de76566
WEB https://git.kernel.org/stable/c/4aa554832b9dc9e66249df75b8f447d87853e12e
WEB https://git.kernel.org/stable/c/4b7c4fc60d6a46350fbe54f5dc937aeaa02e675e
WEB https://git.kernel.org/stable/c/723012cab779eee8228376754e22c6594229bf8f
WEB https://git.kernel.org/stable/c/778c6ad40256f1c03244fc06d7cdf71f6b5e7310
WEB https://git.kernel.org/stable/c/8f599ab6fabbca4c741107eade70722a98adfd9f
WEB https://git.kernel.org/stable/c/f19b1023a3758f40791ec166038d6411c8894ae3
WEB https://git.kernel.org/stable/c/fc99f4e2d2f1ce766c14e98463c2839194ae964f
WEB https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
WEB https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Advisory provided by GitHub Security Advisory Database. Published: May 17, 2024, Modified: July 3, 2024

References

https://git.kernel.org/stable/c/4aa554832b9dc9e66249df75b8f447d87853e12e
https://git.kernel.org/stable/c/778c6ad40256f1c03244fc06d7cdf71f6b5e7310
https://git.kernel.org/stable/c/8f599ab6fabbca4c741107eade70722a98adfd9f
https://git.kernel.org/stable/c/f19b1023a3758f40791ec166038d6411c8894ae3
https://git.kernel.org/stable/c/142d87c958d9454c3cffa625fab56f3016e8f9f3
https://git.kernel.org/stable/c/fc99f4e2d2f1ce766c14e98463c2839194ae964f
https://git.kernel.org/stable/c/4b7c4fc60d6a46350fbe54f5dc937aeaa02e675e
https://git.kernel.org/stable/c/17772bbe9cfa972ea1ff827319f6e1340de76566
https://git.kernel.org/stable/c/723012cab779eee8228376754e22c6594229bf8f
Published: 2024-05-17T13:23:24.350Z
Last Modified: 2025-05-04T09:06:08.823Z
Copied to clipboard!