CVE-2024-34027

HIGH

Linux Kernel 5.8-6.9.3 Filesystem Metadata Corruption via Compression Block Race Condition

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock It needs to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock to avoid racing with checkpoint, otherwise, filesystem metadata including blkaddr in dnode, inode fields and .total_valid_block_count may be corrupted after SPO case.

References (7)

Core 7

Core References

Patch

https://git.kernel.org/stable/c/a6e1f7744e9b84f86a629a76024bba8468aa153b

Patch

https://git.kernel.org/stable/c/b5bac43875aa27ec032dbbb86173baae6dce6182

Patch

https://git.kernel.org/stable/c/5d47d63883735718825ca2efc4fca6915469774f

Patch

https://git.kernel.org/stable/c/329edb7c9e3b6ca27e6ca67ab1cdda1740fb3a2b

Patch

https://git.kernel.org/stable/c/69136304fd144144a4828c7b7b149d0f80321ba4

Patch

https://git.kernel.org/stable/c/0a4ed2d97cb6d044196cc3e726b6699222b41019

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Scores

CVSS v3 7.0

EPSS 0.0023

EPSS Percentile 13.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-770

Status published

Products (20)

linux/Kernel 5.11.0 - 5.15.161linux

linux/Kernel 5.16.0 - 6.1.93linux

linux/Kernel 5.8.0 - 5.10.219linux

linux/Kernel 6.2.0 - 6.6.33linux

linux/Kernel 6.7.0 - 6.9.4linux

Linux/Linux < 5.8

Linux/Linux 5.10.219 - 5.10.*

Linux/Linux 5.15.161 - 5.15.*

Linux/Linux 5.8

Linux/Linux 6.1.93 - 6.1.*

... and 10 more

Published Jun 24, 2024

Tracked Since Feb 18, 2026