CVE-2024-50230

HIGH

Linux Kernel nilfs2 Filesystem Out-of-bounds Write

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of checked flag Syzbot reported that in directory operations after nilfs2 detects filesystem corruption and degrades to read-only, __block_write_begin_int(), which is called to prepare block writes, may fail the BUG_ON check for accesses exceeding the folio/page size, triggering a kernel bug. This was found to be because the "checked" flag of a page/folio was not cleared when it was discarded by nilfs2's own routine, which causes the sanity check of directory entries to be skipped when the directory page/folio is reloaded. So, fix that. This was necessary when the use of nilfs2's own page discard routine was applied to more than just metadata files.

References (10)

Core 10
Core References

Scores

CVSS v3 7.8
EPSS 0.0027
EPSS Percentile 18.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-787
Status published
Products (27)
linux/Kernel 3.10.0 - 4.19.323linux
linux/Kernel 4.20.0 - 5.4.285linux
linux/Kernel 5.11.0 - 5.15.171linux
linux/Kernel 5.16.0 - 6.1.116linux
linux/Kernel 5.5.0 - 5.10.229linux
linux/Kernel 6.2.0 - 6.6.60linux
linux/Kernel 6.7.0 - 6.11.7linux
Linux/Linux < 3.10
Linux/Linux 3.10
Linux/Linux 4.19.323 - 4.19.*
... and 17 more
Published Nov 09, 2024
Tracked Since Feb 18, 2026