fkie_cve-2024-35821
Vulnerability from fkie_nvd
Published
2024-05-17 14:15
Modified
2024-11-21 09:20
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
In the Linux kernel, the following vulnerability has been resolved: ubifs: Set page uptodate in the correct place Page cache reads are lockless, so setting the freshly allocated page uptodate before we've overwritten it with the data it's supposed to have in it will allow a simultaneous reader to see old data. Move the call to SetPageUptodate into ubifs_write_end(), which is after we copied the new data into the page.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/142d87c958d9454c3cffa625fab56f3016e8f9f3
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/17772bbe9cfa972ea1ff827319f6e1340de76566
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/4aa554832b9dc9e66249df75b8f447d87853e12e
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/4b7c4fc60d6a46350fbe54f5dc937aeaa02e675e
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/723012cab779eee8228376754e22c6594229bf8f
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/778c6ad40256f1c03244fc06d7cdf71f6b5e7310
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/8f599ab6fabbca4c741107eade70722a98adfd9f
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/f19b1023a3758f40791ec166038d6411c8894ae3
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/fc99f4e2d2f1ce766c14e98463c2839194ae964f
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/142d87c958d9454c3cffa625fab56f3016e8f9f3
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/17772bbe9cfa972ea1ff827319f6e1340de76566
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/4aa554832b9dc9e66249df75b8f447d87853e12e
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/4b7c4fc60d6a46350fbe54f5dc937aeaa02e675e
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/723012cab779eee8228376754e22c6594229bf8f
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/778c6ad40256f1c03244fc06d7cdf71f6b5e7310
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/8f599ab6fabbca4c741107eade70722a98adfd9f
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/f19b1023a3758f40791ec166038d6411c8894ae3
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/fc99f4e2d2f1ce766c14e98463c2839194ae964f
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Set page uptodate in the correct place\n\nPage cache reads are lockless, so setting the freshly allocated page\nuptodate before we\u0027ve overwritten it with the data it\u0027s supposed to have\nin it will allow a simultaneous reader to see old data.  Move the call\nto SetPageUptodate into ubifs_write_end(), which is after we copied the\nnew data into the page."
    },
    {
      "lang": "es",
      "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ubifs: establece la actualizaci\u00f3n de la p\u00e1gina en el lugar correcto. Las lecturas de la cach\u00e9 de la p\u00e1gina no tienen bloqueo, por lo que configurar la actualizaci\u00f3n de la p\u00e1gina reci\u00e9n asignada antes de que la sobrescribamos con los datos que se supone que debe contener lo har\u00e1. permitir que un lector simult\u00e1neo vea datos antiguos. Mueva la llamada a SetPageUptodate a ubifs_write_end(), que es despu\u00e9s de que copiamos los nuevos datos en la p\u00e1gina."
    }
  ],
  "id": "CVE-2024-35821",
  "lastModified": "2024-11-21T09:20:58.240",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-17T14:15:17.373",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/142d87c958d9454c3cffa625fab56f3016e8f9f3"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/17772bbe9cfa972ea1ff827319f6e1340de76566"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/4aa554832b9dc9e66249df75b8f447d87853e12e"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/4b7c4fc60d6a46350fbe54f5dc937aeaa02e675e"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/723012cab779eee8228376754e22c6594229bf8f"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/778c6ad40256f1c03244fc06d7cdf71f6b5e7310"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/8f599ab6fabbca4c741107eade70722a98adfd9f"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/f19b1023a3758f40791ec166038d6411c8894ae3"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/fc99f4e2d2f1ce766c14e98463c2839194ae964f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.kernel.org/stable/c/142d87c958d9454c3cffa625fab56f3016e8f9f3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.kernel.org/stable/c/17772bbe9cfa972ea1ff827319f6e1340de76566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.kernel.org/stable/c/4aa554832b9dc9e66249df75b8f447d87853e12e"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.kernel.org/stable/c/4b7c4fc60d6a46350fbe54f5dc937aeaa02e675e"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.kernel.org/stable/c/723012cab779eee8228376754e22c6594229bf8f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.kernel.org/stable/c/778c6ad40256f1c03244fc06d7cdf71f6b5e7310"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.kernel.org/stable/c/8f599ab6fabbca4c741107eade70722a98adfd9f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.kernel.org/stable/c/f19b1023a3758f40791ec166038d6411c8894ae3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.kernel.org/stable/c/fc99f4e2d2f1ce766c14e98463c2839194ae964f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-772"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.