CVE-2024-27035 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

f2fs: compress: fix to guarantee persisting compressed blocks by CP

If data block in compressed cluster is not persisted with metadata
during checkpoint, after SPOR, the data may be corrupted, let's
guarantee to write compressed page by checkpoint.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00028.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Linux	Linux Kernel

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux	Linux Kernel

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/57e8b17d0522c8f4daf0c4d9969b4d7358033532
https://git.kernel.org/stable/c/82704e598d7b33c7e45526e34d3c585426319bed
https://git.kernel.org/stable/c/8a430dd49e9cb021372b0ad91e60aeef9c6ced00
https://git.kernel.org/stable/c/c3311694b9bcced233548574d414c91d39214684
https://git.kernel.org/stable/c/e54cce8137258a550b49cae45d09e024821fb28d
https://lore.kernel.org/linux-cve-announce/2024050111-CVE-2024-27035-1628@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-27035
https://www.cve.org/CVERecord?id=CVE-2024-27035

History

Wed, 06 Nov 2024 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-01T12:53:43.155Z

Updated: 2025-05-04T09:02:46.678Z

Reserved: 2024-02-19T14:20:24.211Z

Link: CVE-2024-27035

Vulnrichment

Updated: 2024-08-02T00:21:05.950Z

NVD

Status : Awaiting Analysis

Published: 2024-05-01T13:15:49.360

Modified: 2024-11-21T09:03:42.797

Link: CVE-2024-27035

Redhat

Severity : Moderate

Publid Date: 2024-05-01T00:00:00Z

Links: CVE-2024-27035 - Bugzilla

OpenCVE Enrichment

Updated: 2025-07-13T21:07:03Z

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-27035", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.211Z", "datePublished": "2024-05-01T12:53:43.155Z", "dateUpdated": "2025-05-04T09:02:46.678Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:02:46.678Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: compress: fix to guarantee persisting compressed blocks by CP\n\nIf data block in compressed cluster is not persisted with metadata\nduring checkpoint, after SPOR, the data may be corrupted, let's\nguarantee to write compressed page by checkpoint."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/f2fs/compress.c", "fs/f2fs/data.c", "fs/f2fs/f2fs.h"], "versions": [{"version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "e54cce8137258a550b49cae45d09e024821fb28d", "status": "affected", "versionType": "git"}, {"version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "82704e598d7b33c7e45526e34d3c585426319bed", "status": "affected", "versionType": "git"}, {"version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "c3311694b9bcced233548574d414c91d39214684", "status": "affected", "versionType": "git"}, {"version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "57e8b17d0522c8f4daf0c4d9969b4d7358033532", "status": "affected", "versionType": "git"}, {"version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "8a430dd49e9cb021372b0ad91e60aeef9c6ced00", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/f2fs/compress.c", "fs/f2fs/data.c", "fs/f2fs/f2fs.h"], "versions": [{"version": "5.6", "status": "affected"}, {"version": "0", "lessThan": "5.6", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.83", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.23", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.2", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "6.1.83"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "6.6.23"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "6.7.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "6.8.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "6.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/e54cce8137258a550b49cae45d09e024821fb28d"}, {"url": "https://git.kernel.org/stable/c/82704e598d7b33c7e45526e34d3c585426319bed"}, {"url": "https://git.kernel.org/stable/c/c3311694b9bcced233548574d414c91d39214684"}, {"url": "https://git.kernel.org/stable/c/57e8b17d0522c8f4daf0c4d9969b4d7358033532"}, {"url": "https://git.kernel.org/stable/c/8a430dd49e9cb021372b0ad91e60aeef9c6ced00"}], "title": "f2fs: compress: fix to guarantee persisting compressed blocks by CP", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-17T17:40:14.613391Z", "id": "CVE-2024-27035", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T17:45:34.458Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.950Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e54cce8137258a550b49cae45d09e024821fb28d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/82704e598d7b33c7e45526e34d3c585426319bed", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c3311694b9bcced233548574d414c91d39214684", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/57e8b17d0522c8f4daf0c4d9969b4d7358033532", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8a430dd49e9cb021372b0ad91e60aeef9c6ced00", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e54cce8137258a550b49cae45d09e024821fb28d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/82704e598d7b33c7e45526e34d3c585426319bed", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c3311694b9bcced233548574d414c91d39214684", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/57e8b17d0522c8f4daf0c4d9969b4d7358033532", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8a430dd49e9cb021372b0ad91e60aeef9c6ced00", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.950Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27035", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-17T17:40:14.613391Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T17:40:15.766Z"}}], "cna": {"title": "f2fs: compress: fix to guarantee persisting compressed blocks by CP", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "e54cce8137258a550b49cae45d09e024821fb28d", "versionType": "git"}, {"status": "affected", "version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "82704e598d7b33c7e45526e34d3c585426319bed", "versionType": "git"}, {"status": "affected", "version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "c3311694b9bcced233548574d414c91d39214684", "versionType": "git"}, {"status": "affected", "version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "57e8b17d0522c8f4daf0c4d9969b4d7358033532", "versionType": "git"}, {"status": "affected", "version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "8a430dd49e9cb021372b0ad91e60aeef9c6ced00", "versionType": "git"}], "programFiles": ["fs/f2fs/compress.c", "fs/f2fs/data.c", "fs/f2fs/f2fs.h"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.6"}, {"status": "unaffected", "version": "0", "lessThan": "5.6", "versionType": "semver"}, {"status": "unaffected", "version": "6.1.83", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.23", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8.2", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["fs/f2fs/compress.c", "fs/f2fs/data.c", "fs/f2fs/f2fs.h"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/e54cce8137258a550b49cae45d09e024821fb28d"}, {"url": "https://git.kernel.org/stable/c/82704e598d7b33c7e45526e34d3c585426319bed"}, {"url": "https://git.kernel.org/stable/c/c3311694b9bcced233548574d414c91d39214684"}, {"url": "https://git.kernel.org/stable/c/57e8b17d0522c8f4daf0c4d9969b4d7358033532"}, {"url": "https://git.kernel.org/stable/c/8a430dd49e9cb021372b0ad91e60aeef9c6ced00"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: compress: fix to guarantee persisting compressed blocks by CP\n\nIf data block in compressed cluster is not persisted with metadata\nduring checkpoint, after SPOR, the data may be corrupted, let's\nguarantee to write compressed page by checkpoint."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.83", "versionStartIncluding": "5.6"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.23", "versionStartIncluding": "5.6"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.7.11", "versionStartIncluding": "5.6"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.8.2", "versionStartIncluding": "5.6"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.9", "versionStartIncluding": "5.6"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:02:46.678Z"}}}, "cveMetadata": {"cveId": "CVE-2024-27035", "state": "PUBLISHED", "dateUpdated": "2025-05-04T09:02:46.678Z", "dateReserved": "2024-02-19T14:20:24.211Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-01T12:53:43.155Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: compress: fix to guarantee persisting compressed blocks by CP\n\nIf data block in compressed cluster is not persisted with metadata\nduring checkpoint, after SPOR, the data may be corrupted, let's\nguarantee to write compressed page by checkpoint."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: f2fs: compress: correcci\u00f3n para garantizar la persistencia de los bloques comprimidos por CP. Si el bloque de datos en el cl\u00faster comprimido no persiste con los metadatos durante el punto de control, despu\u00e9s de SPOR, los datos pueden estar da\u00f1ados, garanticemos que escribir p\u00e1gina comprimida por punto de control."}], "id": "CVE-2024-27035", "lastModified": "2024-11-21T09:03:42.797", "metrics": {}, "published": "2024-05-01T13:15:49.360", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/57e8b17d0522c8f4daf0c4d9969b4d7358033532"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/82704e598d7b33c7e45526e34d3c585426319bed"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8a430dd49e9cb021372b0ad91e60aeef9c6ced00"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c3311694b9bcced233548574d414c91d39214684"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e54cce8137258a550b49cae45d09e024821fb28d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/57e8b17d0522c8f4daf0c4d9969b4d7358033532"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/82704e598d7b33c7e45526e34d3c585426319bed"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/8a430dd49e9cb021372b0ad91e60aeef9c6ced00"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/c3311694b9bcced233548574d414c91d39214684"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/e54cce8137258a550b49cae45d09e024821fb28d"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}