Fix for Missing Checked Flag Clearing in nilfs2
CVE-2024-50230

7.8HIGH

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
9 November 2024

What is CVE-2024-50230?

A vulnerability in the nilfs2 file system within the Linux kernel has been identified concerning the handling of directory operations. When nilfs2 detects filesystem corruption, it can degrade to a read-only state. This situation may lead to a failure in preparing block writes, resulting in a triggered kernel bug due to an unchecked 'checked' flag associated with pages or folios. The failure to reset this flag, particularly when the nilfs2 discard routine affects files beyond just metadata, allows the sanity check of directory entries to be bypassed when the directory page or folio is reloaded. This oversight highlights the importance of proper page flag handling to maintain filesystem integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 8c26c4e2694a163d525976e804d81cd955bbb40c < 994b2fa13a6c9cf3feca93090a9c337d48e3d60d

Linux 8c26c4e2694a163d525976e804d81cd955bbb40c < 64afad73e4623308d8943645e5631f2c7a2d7971

Linux 8c26c4e2694a163d525976e804d81cd955bbb40c

References

https://git.kernel.org/stable/c/994b2fa13a6c9cf3feca93090...
https://git.kernel.org/stable/c/64afad73e4623308d8943645e...
https://git.kernel.org/stable/c/aa0cee46c5d3fd9a39575a4c8...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.