CVE-2024-53112
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-05 11:30
Severity ?
EPSS score ?
Summary
ocfs2: uncache inode which has failed entering the group
References
Impacted products
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/ocfs2/resize.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ac0cfe8ac35c",
"status": "affected",
"version": "7909f2bf8353",
"versionType": "git"
},
{
"lessThan": "620d22598110",
"status": "affected",
"version": "7909f2bf8353",
"versionType": "git"
},
{
"lessThan": "843dfc804af4",
"status": "affected",
"version": "7909f2bf8353",
"versionType": "git"
},
{
"lessThan": "b751c50e19d6",
"status": "affected",
"version": "7909f2bf8353",
"versionType": "git"
},
{
"lessThan": "737f34137844",
"status": "affected",
"version": "7909f2bf8353",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/ocfs2/resize.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.25"
},
{
"lessThan": "2.6.25",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.325",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.119",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.63",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"version": "6.11.10",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.12",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: uncache inode which has failed entering the group\n\nSyzbot has reported the following BUG:\n\nkernel BUG at fs/ocfs2/uptodate.c:509!\n...\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x5f/0xb0\n ? die+0x9e/0xc0\n ? do_trap+0x15a/0x3a0\n ? ocfs2_set_new_buffer_uptodate+0x145/0x160\n ? do_error_trap+0x1dc/0x2c0\n ? ocfs2_set_new_buffer_uptodate+0x145/0x160\n ? __pfx_do_error_trap+0x10/0x10\n ? handle_invalid_op+0x34/0x40\n ? ocfs2_set_new_buffer_uptodate+0x145/0x160\n ? exc_invalid_op+0x38/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? ocfs2_set_new_buffer_uptodate+0x2e/0x160\n ? ocfs2_set_new_buffer_uptodate+0x144/0x160\n ? ocfs2_set_new_buffer_uptodate+0x145/0x160\n ocfs2_group_add+0x39f/0x15a0\n ? __pfx_ocfs2_group_add+0x10/0x10\n ? __pfx_lock_acquire+0x10/0x10\n ? mnt_get_write_access+0x68/0x2b0\n ? __pfx_lock_release+0x10/0x10\n ? rcu_read_lock_any_held+0xb7/0x160\n ? __pfx_rcu_read_lock_any_held+0x10/0x10\n ? smack_log+0x123/0x540\n ? mnt_get_write_access+0x68/0x2b0\n ? mnt_get_write_access+0x68/0x2b0\n ? mnt_get_write_access+0x226/0x2b0\n ocfs2_ioctl+0x65e/0x7d0\n ? __pfx_ocfs2_ioctl+0x10/0x10\n ? smack_file_ioctl+0x29e/0x3a0\n ? __pfx_smack_file_ioctl+0x10/0x10\n ? lockdep_hardirqs_on_prepare+0x43d/0x780\n ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10\n ? __pfx_ocfs2_ioctl+0x10/0x10\n __se_sys_ioctl+0xfb/0x170\n do_syscall_64+0xf3/0x230\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n...\n \u003c/TASK\u003e\n\nWhen \u0027ioctl(OCFS2_IOC_GROUP_ADD, ...)\u0027 has failed for the particular\ninode in \u0027ocfs2_verify_group_and_input()\u0027, corresponding buffer head\nremains cached and subsequent call to the same \u0027ioctl()\u0027 for the same\ninode issues the BUG() in \u0027ocfs2_set_new_buffer_uptodate()\u0027 (trying\nto cache the same buffer head of that inode). Fix this by uncaching\nthe buffer head with \u0027ocfs2_remove_from_cache()\u0027 on error path in\n\u0027ocfs2_group_add()\u0027."
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T11:30:00.806Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ac0cfe8ac35cf1be54131b90d114087b558777ca"
},
{
"url": "https://git.kernel.org/stable/c/620d22598110b0d0cb97a3fcca65fc473ea86e73"
},
{
"url": "https://git.kernel.org/stable/c/843dfc804af4b338ead42331dd58081b428ecdf8"
},
{
"url": "https://git.kernel.org/stable/c/b751c50e19d66cfb7360c0b55cf17b0722252d12"
},
{
"url": "https://git.kernel.org/stable/c/737f34137844d6572ab7d473c998c7f977ff30eb"
}
],
"title": "ocfs2: uncache inode which has failed entering the group",
"x_generator": {
"engine": "bippy-8e903de6a542"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-53112",
"datePublished": "2024-12-02T13:44:44.387Z",
"dateReserved": "2024-11-19T17:17:24.993Z",
"dateUpdated": "2024-12-05T11:30:00.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-53112\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-12-02T14:15:11.997\",\"lastModified\":\"2024-12-11T20:28:19.407\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nocfs2: uncache inode which has failed entering the group\\n\\nSyzbot has reported the following BUG:\\n\\nkernel BUG at fs/ocfs2/uptodate.c:509!\\n...\\nCall Trace:\\n \u003cTASK\u003e\\n ? __die_body+0x5f/0xb0\\n ? die+0x9e/0xc0\\n ? do_trap+0x15a/0x3a0\\n ? ocfs2_set_new_buffer_uptodate+0x145/0x160\\n ? do_error_trap+0x1dc/0x2c0\\n ? ocfs2_set_new_buffer_uptodate+0x145/0x160\\n ? __pfx_do_error_trap+0x10/0x10\\n ? handle_invalid_op+0x34/0x40\\n ? ocfs2_set_new_buffer_uptodate+0x145/0x160\\n ? exc_invalid_op+0x38/0x50\\n ? asm_exc_invalid_op+0x1a/0x20\\n ? ocfs2_set_new_buffer_uptodate+0x2e/0x160\\n ? ocfs2_set_new_buffer_uptodate+0x144/0x160\\n ? ocfs2_set_new_buffer_uptodate+0x145/0x160\\n ocfs2_group_add+0x39f/0x15a0\\n ? __pfx_ocfs2_group_add+0x10/0x10\\n ? __pfx_lock_acquire+0x10/0x10\\n ? mnt_get_write_access+0x68/0x2b0\\n ? __pfx_lock_release+0x10/0x10\\n ? rcu_read_lock_any_held+0xb7/0x160\\n ? __pfx_rcu_read_lock_any_held+0x10/0x10\\n ? smack_log+0x123/0x540\\n ? mnt_get_write_access+0x68/0x2b0\\n ? mnt_get_write_access+0x68/0x2b0\\n ? mnt_get_write_access+0x226/0x2b0\\n ocfs2_ioctl+0x65e/0x7d0\\n ? __pfx_ocfs2_ioctl+0x10/0x10\\n ? smack_file_ioctl+0x29e/0x3a0\\n ? __pfx_smack_file_ioctl+0x10/0x10\\n ? lockdep_hardirqs_on_prepare+0x43d/0x780\\n ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10\\n ? __pfx_ocfs2_ioctl+0x10/0x10\\n __se_sys_ioctl+0xfb/0x170\\n do_syscall_64+0xf3/0x230\\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\\n...\\n \u003c/TASK\u003e\\n\\nWhen \u0027ioctl(OCFS2_IOC_GROUP_ADD, ...)\u0027 has failed for the particular\\ninode in \u0027ocfs2_verify_group_and_input()\u0027, corresponding buffer head\\nremains cached and subsequent call to the same \u0027ioctl()\u0027 for the same\\ninode issues the BUG() in \u0027ocfs2_set_new_buffer_uptodate()\u0027 (trying\\nto cache the same buffer head of that inode). Fix this by uncaching\\nthe buffer head with \u0027ocfs2_remove_from_cache()\u0027 on error path in\\n\u0027ocfs2_group_add()\u0027.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ocfs2: anular la cach\u00e9 de un nodo que no ha podido entrar en el grupo Syzbot ha informado del siguiente ERROR: ERROR del kernel en fs/ocfs2/uptodate.c:509! ... Seguimiento de llamadas: ? __die_body+0x5f/0xb0 ? die+0x9e/0xc0 ? do_trap+0x15a/0x3a0 ? ocfs2_set_new_buffer_uptodate+0x145/0x160 ? do_error_trap+0x1dc/0x2c0 ? ocfs2_set_new_buffer_uptodate+0x145/0x160 ? __pfx_do_error_trap+0x10/0x10 ? handle_invalid_op+0x34/0x40 ? ocfs2_set_new_buffer_uptodate+0x145/0x160 ? exc_invalid_op+0x38/0x50 ? asm_exc_invalid_op+0x1a/0x20 ? ocfs2_set_new_buffer_uptodate+0x2e/0x160 ? ocfs2_set_new_buffer_uptodate+0x144/0x160 ? ocfs2_set_new_buffer_uptodate+0x145/0x160 ocfs2_group_add+0x39f/0x15a0 ? __pfx_ocfs2_group_add+0x10/0x10 ? __pfx_lock_acquire+0x10/0x10 ? __pfx_ocfs2_ioctl+0x65e/0x7d0 ? __pfx_smack_file_ioctl+0x29e/0x3a0 ? __pfx_smack_file_ioctl+0x10/0x10 ? bloqueo_dep_hardirqs_en_preparar+0x43d/0x780 ? lockdep_hardirqs_on_prepare+0x10/0x10 ? __pfx_ocfs2_ioctl+0x10/0x10 __se_sys_ioctl+0xfb/0x170 do_syscall_64+0xf3/0x230 entry_SYSCALL_64_after_hwframe+0x77/0x7f ... Cuando \u0027ioctl(OCFS2_IOC_GROUP_ADD, ...)\u0027 ha fallado para el inodo particular en \u0027ocfs2_verify_group_and_input()\u0027, el cabezal de b\u00fafer correspondiente permanece en cach\u00e9 y la llamada posterior al mismo \u0027ioctl()\u0027 para el mismo inodo emite el BUG() en \u0027ocfs2_set_new_buffer_uptodate()\u0027 (intentando almacenar en cach\u00e9 el mismo cabezal de b\u00fafer de ese inodo). Solucione este problema quitando el cach\u00e9 del encabezado del b\u00fafer con \u0027ocfs2_remove_from_cache()\u0027 en la ruta de error en \u0027ocfs2_group_add()\u0027.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.25\",\"versionEndExcluding\":\"4.19.325\",\"matchCriteriaId\":\"FEB31F82-F68B-4515-A54D-46D35F5CA5D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"6.1.119\",\"matchCriteriaId\":\"6B7FAECA-414B-4BFF-905E-5DC7092800A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.63\",\"matchCriteriaId\":\"8800BB45-48BC-4B52-BDA5-B1E4633F42E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.11.10\",\"matchCriteriaId\":\"C256F46A-AFDD-4B99-AA4F-67D9D9D2C55A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F361E1D-580F-4A2D-A509-7615F73167A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C95E234-D335-4B6C-96BF-E2CEBD8654ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0F717D8-3014-4F84-8086-0124B2111379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"24DBE6C7-2AAE-4818-AED2-E131F153D2FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"24B88717-53F5-42AA-9B72-14C707639E3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc7:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EF8CD82-1EAE-4254-9545-F85AB94CF90F\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/620d22598110b0d0cb97a3fcca65fc473ea86e73\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/737f34137844d6572ab7d473c998c7f977ff30eb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/843dfc804af4b338ead42331dd58081b428ecdf8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ac0cfe8ac35cf1be54131b90d114087b558777ca\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b751c50e19d66cfb7360c0b55cf17b0722252d12\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.