CVE-2024-46781

Updated: 2026-02-27 02:14:20.148982

Description:

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix missing cleanup on rollforward recovery error In an error injection test of a routine for mount-time recovery, KASAN found a use-after-free bug. It turned out that if data recovery was performed using partial logs created by dsync writes, but an error occurred before starting the log writer to create a recovered checkpoint, the inodes whose data had been recovered were left in the ns_dirty_files list of the nilfs object and were not freed. Fix this issue by cleaning up inodes that have read the recovery data if the recovery routine fails midway before the log writer starts.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0.0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
AlmaLinux 9.2 ESU kernel 5.14.0 5.5 MEDIUM Ignored 2024-09-30 10:45:11 This bug is confined to the NILFS2 filesystem’s mount‑time roll‑forward recovery path after an...
CentOS 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-09-30 10:45:11 Ignored due to low severity
CentOS 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-09-30 10:45:10 Ignored due to low severity
CentOS 8.4 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-09-30 10:45:11 Ignored due to low severity
CentOS 8.5 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-09-30 10:45:11 Ignored due to low severity
CentOS Stream 8 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-09-30 10:45:10 Ignored due to low severity
CloudLinux 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-09-30 10:45:11 Ignored due to low severity
CloudLinux 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-09-30 10:45:10 Ignored due to low severity
Oracle Linux 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-09-30 10:45:10 Ignored due to low severity
Oracle Linux 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-12-03 12:09:21 Ignored due to low severity
Total: 15