CVE-2024-26972 - Vulnerability Details

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-26972-bf6c@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-26972
https://www.cve.org/CVERecord?id=CVE-2024-26972

History

Thu, 19 Dec 2024 12:30:00 +0000

Type	Values Removed	Values Added
References	https://git.kernel.org/stable/c/3faea7810e2b3e9a9a92ef42d7e5feaeb8ff7133 https://git.kernel.org/stable/c/62b5ae00c2b835639002ce898ccb5d82c51073ae https://git.kernel.org/stable/c/6379b44cdcd67f5f5d986b73953e99700591edfa

Thu, 19 Dec 2024 12:15:00 +0000

Type	Values Removed	Values Added
Title	ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path	kernel: ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 19 Dec 2024 11:30:00 +0000

Type	Values Removed	Values Added
Description	In the Linux kernel, the following vulnerability has been resolved: ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path For error handling path in ubifs_symlink(), inode will be marked as bad first, then iput() is invoked. If inode->i_link is initialized by fscrypt_encrypt_symlink() in encryption scenario, inode->i_link won't be freed by callchain ubifs_free_inode -> fscrypt_free_inode in error handling path, because make_bad_inode() has changed 'inode->i_mode' as 'S_IFREG'. Following kmemleak is easy to be reproduced by injecting error in ubifs_jnl_update() when doing symlink in encryption scenario: unreferenced object 0xffff888103da3d98 (size 8): comm "ln", pid 1692, jiffies 4294914701 (age 12.045s) backtrace: kmemdup+0x32/0x70 __fscrypt_encrypt_symlink+0xed/0x1c0 ubifs_symlink+0x210/0x300 [ubifs] vfs_symlink+0x216/0x360 do_symlinkat+0x11a/0x190 do_syscall_64+0x3b/0xe0 There are two ways fixing it: 1. Remove make_bad_inode() in error handling path. We can do that because ubifs_evict_inode() will do same processes for good symlink inode and bad symlink inode, for inode->i_nlink checking is before is_bad_inode(). 2. Free inode->i_link before marking inode bad. Method 2 is picked, it has less influence, personally, I think.	This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Thu, 10 Oct 2024 11:45:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/3faea7810e2b3e9a9a92ef42d7e5feaeb8ff7133

Thu, 26 Sep 2024 19:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-401

MITRE

Status: REJECTED

Assigner: Linux

Published: 2024-05-01T05:20:04.669Z

Updated: 2024-12-19T11:17:20.490Z

Reserved: 2024-02-19T14:20:24.202Z

Link: CVE-2024-26972

Vulnrichment

Updated:

NVD

Status : Rejected

Published: 2024-05-01T06:15:13.597

Modified: 2024-12-19T12:15:06.507

Link: CVE-2024-26972

Redhat

Severity : Moderate

Publid Date: 2024-05-01T00:00:00Z

Links: CVE-2024-26972 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object