CVE-2024-41034

Updated: 2024-09-13 03:31:37.751027

Description:

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug on rename operation of broken directory Syzbot reported that in rename directory operation on broken directory on nilfs2, __block_write_begin_int() called to prepare block write may fail BUG_ON check for access exceeding the folio/page size. This is because nilfs_dotdot(), which gets parent directory reference entry ("..") of the directory to be moved or renamed, does not check consistency enough, and may return location exceeding folio/page size for broken directories. Fix this issue by checking required directory entries ("." and "..") in the first chunk of the directory in nilfs_dotdot().


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x NONE 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated
Ubuntu 16.04 ELS linux 4.4.0 5.5 MEDIUM Ignored 2024-09-13 12:19:00
Ubuntu 18.04 ELS linux 4.15.0 5.5 MEDIUM Not Vulnerable 2024-10-02 05:29:32