CVE-2024-50230
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2024-50230. We'll provide specific mitigation strategies based on your environment and risk profile.
Description
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix kernel bug due to missing clearing of checked flag
Syzbot reported that in directory operations after nilfs2 detects
filesystem corruption and degrades to read-only,
__block_write_begin_int(), which is called to prepare block writes, may
fail the BUG_ON check for accesses exceeding the folio/page size,
triggering a kernel bug.
This was found to be because the "checked" flag of a page/folio was not
cleared when it was discarded by nilfs2's own routine, which causes the
sanity check of directory entries to be skipped when the directory
page/folio is reloaded. So, fix that.
This was necessary when the use of nilfs2's own page discard routine was
applied to more than just metadata files.
Available Exploits
Related News
Affected Products
Affected Versions:
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References
Advisory provided by GitHub Security Advisory Database. Published: November 9, 2024, Modified: November 13, 2024