CVE-2024-46781

MEDIUM

Linux Kernel Use-After-Free in NILFS2 Rollforward Recovery

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix missing cleanup on rollforward recovery error In an error injection test of a routine for mount-time recovery, KASAN found a use-after-free bug. It turned out that if data recovery was performed using partial logs created by dsync writes, but an error occurred before starting the log writer to create a recovered checkpoint, the inodes whose data had been recovered were left in the ns_dirty_files list of the nilfs object and were not freed. Fix this issue by cleaning up inodes that have read the recovery data if the recovery routine fails midway before the log writer starts.

References (10)

Core 10
Core References

Scores

CVSS v3 5.5
EPSS 0.0024
EPSS Percentile 15.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-416
Status published
Products (27)
linux/Kernel 2.6.30 - 4.19.322linux
linux/Kernel 4.20.0 - 5.4.284linux
linux/Kernel 5.11.0 - 5.15.167linux
linux/Kernel 5.16.0 - 6.1.110linux
linux/Kernel 5.5.0 - 5.10.226linux
linux/Kernel 6.2.0 - 6.6.51linux
linux/Kernel 6.7.0 - 6.10.10linux
Linux/Linux < 2.6.30
Linux/Linux 0f3e1c7f23f8a6f8224fa1d275381f6d9279ad4b - 07e4dc2fe000ab008bcfe90be4324ef56b5b4355
Linux/Linux 0f3e1c7f23f8a6f8224fa1d275381f6d9279ad4b - 1cf1f7e8cd47244fa947d357ef1f642d91e219a3
... and 17 more
Published Sep 18, 2024
Tracked Since Feb 18, 2026