{"uuid": "20ce0288-ca61-490a-a514-23cebde154f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50014", "type": "seen", "source": "https://t.me/cvedetector/8537", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50014 - EXT4 Linux Kernel Spinlock Initialization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50014 \nPublished : Oct. 21, 2024, 7:15 p.m. | 34\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \next4: fix access to uninitialised lock in fc replay path  \n  \nThe following kernel trace can be triggered with fstest generic/629 when  \nexecuted against a filesystem with fast-commit feature enabled:  \n  \nINFO: trying to register non-static key.  \nThe code is fine but needs lockdep annotation, or maybe  \nyou didn't initialize this object before use?  \nturning off the locking correctness validator.  \nCPU: 0 PID: 866 Comm: mount Not tainted 6.10.0+ #11  \nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014  \nCall Trace:  \n   \n dump_stack_lvl+0x66/0x90  \n register_lock_class+0x759/0x7d0  \n __lock_acquire+0x85/0x2630  \n ? __find_get_block+0xb4/0x380  \n lock_acquire+0xd1/0x2d0  \n ? __ext4_journal_get_write_access+0xd5/0x160  \n _raw_spin_lock+0x33/0x40  \n ? __ext4_journal_get_write_access+0xd5/0x160  \n __ext4_journal_get_write_access+0xd5/0x160  \n ext4_reserve_inode_write+0x61/0xb0  \n __ext4_mark_inode_dirty+0x79/0x270  \n ? ext4_ext_replay_set_iblocks+0x2f8/0x450  \n ext4_ext_replay_set_iblocks+0x330/0x450  \n ext4_fc_replay+0x14c8/0x1540  \n ? jread+0x88/0x2e0  \n ? rcu_is_watching+0x11/0x40  \n do_one_pass+0x447/0xd00  \n jbd2_journal_recover+0x139/0x1b0  \n jbd2_journal_load+0x96/0x390  \n ext4_load_and_init_journal+0x253/0xd40  \n ext4_fill_super+0x2cc6/0x3180  \n...  \n  \nIn the replay path there's an attempt to lock sbi->s_bdev_wb_lock in  \nfunction ext4_check_bdev_write_error().  Unfortunately, at this point this  \nspinlock has not been initialized yet.  Moving it's initialization to an  \nearlier point in __ext4_fill_super() fixes this splat. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T21:52:43.000000Z"}