cve-2024-50116
Vulnerability from cvelistv5
Published
2024-11-05 17:10
Modified
2024-12-19 09:33
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of buffer delay flag Syzbot reported that after nilfs2 reads a corrupted file system image and degrades to read-only, the BUG_ON check for the buffer delay flag in submit_bh_wbc() may fail, causing a kernel bug. This is because the buffer delay flag is not cleared when clearing the buffer state flags to discard a page/folio or a buffer head. So, fix this. This became necessary when the use of nilfs2's own page clear routine was expanded. This state inconsistency does not occur if the buffer is written normally by log writing.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/033bc52f35868c2493a2d95c56ece7fc155d7cb3Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/27524f65621f490184f2ace44cd8e5f3685af4a3Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/412a30b1b28d6073ba29c46a2b0f324c5936293fPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6ed469df0bfbef3e4b44fca954a781919db9f7abPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/743c78d455e784097011ea958b27396001181567Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/822203f6355f4b322d21e7115419f6b98284be25Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/9f2ab98371c2f2488bf3bf3f9b2a73510545e9c1Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/c6f58ff2d4c552927fe9a187774e668ebba6c7aaPatch
Impacted products
Vendor Product Version
Linux Linux Version: 3.10
Show details on NVD website

To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/nilfs2/page.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "033bc52f35868c2493a2d95c56ece7fc155d7cb3",
              "status": "affected",
              "version": "8c26c4e2694a163d525976e804d81cd955bbb40c",
              "versionType": "git"
            },
            {
              "lessThan": "412a30b1b28d6073ba29c46a2b0f324c5936293f",
              "status": "affected",
              "version": "8c26c4e2694a163d525976e804d81cd955bbb40c",
              "versionType": "git"
            },
            {
              "lessThan": "9f2ab98371c2f2488bf3bf3f9b2a73510545e9c1",
              "status": "affected",
              "version": "8c26c4e2694a163d525976e804d81cd955bbb40c",
              "versionType": "git"
            },
            {
              "lessThan": "822203f6355f4b322d21e7115419f6b98284be25",
              "status": "affected",
              "version": "8c26c4e2694a163d525976e804d81cd955bbb40c",
              "versionType": "git"
            },
            {
              "lessThan": "27524f65621f490184f2ace44cd8e5f3685af4a3",
              "status": "affected",
              "version": "8c26c4e2694a163d525976e804d81cd955bbb40c",
              "versionType": "git"
            },
            {
              "lessThan": "743c78d455e784097011ea958b27396001181567",
              "status": "affected",
              "version": "8c26c4e2694a163d525976e804d81cd955bbb40c",
              "versionType": "git"
            },
            {
              "lessThan": "c6f58ff2d4c552927fe9a187774e668ebba6c7aa",
              "status": "affected",
              "version": "8c26c4e2694a163d525976e804d81cd955bbb40c",
              "versionType": "git"
            },
            {
              "lessThan": "6ed469df0bfbef3e4b44fca954a781919db9f7ab",
              "status": "affected",
              "version": "8c26c4e2694a163d525976e804d81cd955bbb40c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/nilfs2/page.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.10"
            },
            {
              "lessThan": "3.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.323",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.285",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.229",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.170",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.115",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.59",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.11.*",
              "status": "unaffected",
              "version": "6.11.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.12",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix kernel bug due to missing clearing of buffer delay flag\n\nSyzbot reported that after nilfs2 reads a corrupted file system image\nand degrades to read-only, the BUG_ON check for the buffer delay flag\nin submit_bh_wbc() may fail, causing a kernel bug.\n\nThis is because the buffer delay flag is not cleared when clearing the\nbuffer state flags to discard a page/folio or a buffer head. So, fix\nthis.\n\nThis became necessary when the use of nilfs2\u0027s own page clear routine\nwas expanded.  This state inconsistency does not occur if the buffer\nis written normally by log writing."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T09:33:25.038Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/033bc52f35868c2493a2d95c56ece7fc155d7cb3"
        },
        {
          "url": "https://git.kernel.org/stable/c/412a30b1b28d6073ba29c46a2b0f324c5936293f"
        },
        {
          "url": "https://git.kernel.org/stable/c/9f2ab98371c2f2488bf3bf3f9b2a73510545e9c1"
        },
        {
          "url": "https://git.kernel.org/stable/c/822203f6355f4b322d21e7115419f6b98284be25"
        },
        {
          "url": "https://git.kernel.org/stable/c/27524f65621f490184f2ace44cd8e5f3685af4a3"
        },
        {
          "url": "https://git.kernel.org/stable/c/743c78d455e784097011ea958b27396001181567"
        },
        {
          "url": "https://git.kernel.org/stable/c/c6f58ff2d4c552927fe9a187774e668ebba6c7aa"
        },
        {
          "url": "https://git.kernel.org/stable/c/6ed469df0bfbef3e4b44fca954a781919db9f7ab"
        }
      ],
      "title": "nilfs2: fix kernel bug due to missing clearing of buffer delay flag",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-50116",
    "datePublished": "2024-11-05T17:10:47.336Z",
    "dateReserved": "2024-10-21T19:36:19.948Z",
    "dateUpdated": "2024-12-19T09:33:25.038Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-50116\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-11-05T18:15:14.763\",\"lastModified\":\"2024-11-08T19:17:01.350\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnilfs2: fix kernel bug due to missing clearing of buffer delay flag\\n\\nSyzbot reported that after nilfs2 reads a corrupted file system image\\nand degrades to read-only, the BUG_ON check for the buffer delay flag\\nin submit_bh_wbc() may fail, causing a kernel bug.\\n\\nThis is because the buffer delay flag is not cleared when clearing the\\nbuffer state flags to discard a page/folio or a buffer head. So, fix\\nthis.\\n\\nThis became necessary when the use of nilfs2\u0027s own page clear routine\\nwas expanded.  This state inconsistency does not occur if the buffer\\nis written normally by log writing.\"},{\"lang\":\"es\",\"value\":\" En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nilfs2: se corrige un error del kernel debido a la falta de limpieza del indicador de retraso del b\u00fafer Syzbot inform\u00f3 que despu\u00e9s de que nilfs2 lee una imagen de sistema de archivos corrupta y se degrada a solo lectura, la comprobaci\u00f3n BUG_ON para el indicador de retraso del b\u00fafer en submission_bh_wbc() puede fallar, lo que provoca un error del kernel. Esto se debe a que el indicador de retraso del b\u00fafer no se borra al borrar los indicadores de estado del b\u00fafer para descartar una p\u00e1gina/folio o un encabezado de b\u00fafer. Por lo tanto, solucione esto. Esto se volvi\u00f3 necesario cuando se expandi\u00f3 el uso de la propia rutina de limpieza de p\u00e1ginas de nilfs2. Esta inconsistencia de estado no ocurre si el b\u00fafer se escribe normalmente mediante la escritura de registro.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.10\",\"versionEndExcluding\":\"4.19.323\",\"matchCriteriaId\":\"4275189E-11C2-4607-92FC-0606E12A465F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.285\",\"matchCriteriaId\":\"B5A89369-320F-47FC-8695-56F61F87E4C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.229\",\"matchCriteriaId\":\"1A03CABE-9B43-4E7F-951F-10DEEADAA426\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.170\",\"matchCriteriaId\":\"A9BA1C73-2D2E-45E3-937B-276A28AEB5FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.115\",\"matchCriteriaId\":\"C08A77A6-E42E-4EFD-B5A1-2BF6CBBB42AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.59\",\"matchCriteriaId\":\"5D15CA59-D15C-4ACD-8B03-A072DEAD2081\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.11.6\",\"matchCriteriaId\":\"E4486B12-007B-4794-9857-F07145637AA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F361E1D-580F-4A2D-A509-7615F73167A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C95E234-D335-4B6C-96BF-E2CEBD8654ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0F717D8-3014-4F84-8086-0124B2111379\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/033bc52f35868c2493a2d95c56ece7fc155d7cb3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/27524f65621f490184f2ace44cd8e5f3685af4a3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/412a30b1b28d6073ba29c46a2b0f324c5936293f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6ed469df0bfbef3e4b44fca954a781919db9f7ab\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/743c78d455e784097011ea958b27396001181567\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/822203f6355f4b322d21e7115419f6b98284be25\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9f2ab98371c2f2488bf3bf3f9b2a73510545e9c1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c6f58ff2d4c552927fe9a187774e668ebba6c7aa\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.