CVE-2024-26773

MEDIUM

Linux Kernel < 4.19.308, 4.20.0-6.7.7 - Use-After-Free in ext4_mb_try_best_found

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() Determine if the group block bitmap is corrupted before using ac_b_ex in ext4_mb_try_best_found() to avoid allocating blocks from a group with a corrupted block bitmap in the following concurrency and making the situation worse. ext4_mb_regular_allocator ext4_lock_group(sb, group) ext4_mb_good_group // check if the group bbitmap is corrupted ext4_mb_complex_scan_group // Scan group gets ac_b_ex but doesn't use it ext4_unlock_group(sb, group) ext4_mark_group_bitmap_corrupted(group) // The block bitmap was corrupted during // the group unlock gap. ext4_mb_try_best_found ext4_lock_group(ac->ac_sb, group) ext4_mb_use_best_found mb_mark_used // Allocating blocks in block bitmap corrupted group

References (10)

Core 10
Core References

Scores

CVSS v3 5.5
EPSS 0.0001
EPSS Percentile 3.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

Status published
Products (28)
debian/debian_linux 10.0
linux/Kernel 3.12.0 - 4.19.308linux
linux/Kernel 4.20.0 - 5.4.270linux
linux/Kernel 5.11.0 - 5.15.150linux
linux/Kernel 5.16.0 - 6.1.80linux
linux/Kernel 5.5.0 - 5.10.211linux
linux/Kernel 6.2.0 - 6.6.19linux
linux/Kernel 6.7.0 - 6.7.7linux
Linux/Linux < 3.12
Linux/Linux 163a203ddb36c36d4a1c942aececda0cc8d06aa7 - 0184747b552d6b5a14db3b7fcc3b792ce64dedd1
... and 18 more
Published Apr 03, 2024
Tracked Since Feb 18, 2026