In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix missing cleanup on rollforward recovery error
In an error injection test of a routine for mount-time recovery, KASAN
found a use-after-free bug.
It turned out that if data recovery was performed using partial logs
created by dsync writes, but an error occurred before starting the log
writer to create a recovered checkpoint, the inodes whose data had been
recovered were left in the ns_dirty_files list of the nilfs object and
were not freed.
Fix this issue by cleaning up inodes that have read the recovery data if
the recovery routine fails midway before the log writer starts.
Metrics
Affected Vendors & Products
References
History
Wed, 18 Sep 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Wed, 18 Sep 2024 07:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix missing cleanup on rollforward recovery error In an error injection test of a routine for mount-time recovery, KASAN found a use-after-free bug. It turned out that if data recovery was performed using partial logs created by dsync writes, but an error occurred before starting the log writer to create a recovered checkpoint, the inodes whose data had been recovered were left in the ns_dirty_files list of the nilfs object and were not freed. Fix this issue by cleaning up inodes that have read the recovery data if the recovery routine fails midway before the log writer starts. | |
Title | nilfs2: fix missing cleanup on rollforward recovery error | |
References |
|
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-09-18T07:12:37.603Z
Updated: 2024-09-18T07:12:37.603Z
Reserved: 2024-09-11T15:12:18.276Z
Link: CVE-2024-46781
Vulnrichment
No data.
NVD
Status : Awaiting Analysis
Published: 2024-09-18T08:15:05.527
Modified: 2024-09-20T12:30:51.220
Link: CVE-2024-46781
Redhat