CVE-2024-49965

MEDIUM

Linux Kernel 4.4.204-4.8.17 - Improper Locking in ocfs2_read_blocks

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: ocfs2: remove unreasonable unlock in ocfs2_read_blocks Patch series "Misc fixes for ocfs2_read_blocks", v5. This series contains 2 fixes for ocfs2_read_blocks(). The first patch fix the issue reported by syzbot, which detects bad unlock balance in ocfs2_read_blocks(). The second patch fixes an issue reported by Heming Zhao when reviewing above fix. This patch (of 2): There was a lock release before exiting, so remove the unreasonable unlock.

References (11)

Core 11
Core References

Scores

CVSS v3 5.5
EPSS 0.0019
EPSS Percentile 8.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-667
Status published
Products (28)
Linux/Linux < 4.20
Linux/Linux 01f93d5e36753fc4d06ec67f05ce78c9c6f2dd56
Linux/Linux 4.14.157 - 4.15
Linux/Linux 4.19.323 - 4.19.*
Linux/Linux 4.19.87 - 4.19.323
Linux/Linux 4.20
Linux/Linux 4.4.204 - 4.5
Linux/Linux 4.9.204 - 4.10
Linux/Linux 5.10.227 - 5.10.*
Linux/Linux 5.15.168 - 5.15.*
... and 18 more
Published Oct 21, 2024
Tracked Since Feb 18, 2026