CVE-2024-42299

MEDIUM EPSS 11.3%
Published Aug 17, 2024 (1y ago) · Modified Jun 17, 2026 (1w ago)
5.5 CVSS 3.1
Medium

Description

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: Update log->page_{mask,bits} if log->page_size changed

If an NTFS file system is mounted to another system with different PAGE_SIZE from the original system, log->page_size will change in log_replay(), but log->page_{mask,bits} don't change correspondingly. This will cause a panic because "u32 bytes = log->page_size - page_off" will get a negative value in the later read_log_page().
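The arithmetic behind the description, as an added user-space C model (not kernel code and not taken from the patches). The struct, the helper names, the derivation of the mask and bits as page_size - 1 and log2(page_size), and the 64 KiB / 4 KiB / 0x5200 values are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-in for the three fields named in the description. */
struct log_model {
    uint32_t page_size;
    uint32_t page_mask; /* assumed: page_size - 1 */
    uint32_t page_bits; /* assumed: log2(page_size) */
};

static uint32_t log2_u32(uint32_t v) {
    uint32_t bits = 0;
    while (v > 1) { v >>= 1; bits++; }
    return bits;
}

static void set_geometry(struct log_model *log, uint32_t page_size) {
    log->page_size = page_size;
    log->page_mask = page_size - 1;
    log->page_bits = log2_u32(page_size);
}

/* Unpatched behaviour: only page_size follows the on-disk log. */
static void resize_unpatched(struct log_model *log, uint32_t new_size) {
    log->page_size = new_size;
}

/* Patched behaviour: mask and bits are refreshed when the size changes. */
static void resize_patched(struct log_model *log, uint32_t new_size) {
    if (log->page_size != new_size)
        set_geometry(log, new_size);
}

/* The expression quoted in the description; u32 subtraction wraps. */
static uint32_t bytes_in_page(const struct log_model *log, uint64_t vbo) {
    uint32_t page_off = (uint32_t)vbo & log->page_mask;
    return log->page_size - page_off;
}

static uint32_t demo(int patched, uint64_t vbo) {
    struct log_model log;
    set_geometry(&log, 65536); /* constructed: 64 KiB pages at mount */
    if (patched) resize_patched(&log, 4096); /* constructed: 4 KiB log pages */
    else resize_unpatched(&log, 4096);
    return bytes_in_page(&log, vbo);
}

int main(void) {
    printf("unpatched bytes = 0x%08x\n", (unsigned)demo(0, 0x5200));
    printf("patched   bytes = %u\n", (unsigned)demo(1, 0x5200));
    return 0;
}
```

With the stale mask the offset exceeds the new page size, so the unsigned subtraction wraps to a length close to 4 GiB instead of a value within one page.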

CVSS Details

Base Score 5.5
Exploitability 1.8
Impact 3.6
Vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
11.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 4

Vendor | Product      | Version | Range
linux  | linux_kernel | *       | ≥5.15 – <5.15.165
linux  | linux_kernel | *       | ≥5.16 – <6.1.103
linux  | linux_kernel | *       | ≥6.2 – <6.6.44
linux  | linux_kernel | *       | ≥6.7 – <6.10.3

References 6

  • git.kernel.org https://git.kernel.org/stable/c/0484adcb5fbcadd9ba0fd4485c42630f72e97da9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/0a4ae2644e2a3b3b219aad9639fb2b0691d08420
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2cac0df3324b5e287d8020bc0708f7d2dec88a6f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2fef55d8f78383c8e6d6d4c014b9597375132696
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b90ceffdc975502bc085ce8e79c6adeff05f9521
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0484adcb5fbcadd9ba0fd4485c42630f72e97da9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/0a4ae2644e2a3b3b219aad9639fb2b0691d08420
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2cac0df3324b5e287d8020bc0708f7d2dec88a6f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2fef55d8f78383c8e6d6d4c014b9597375132696
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b90ceffdc975502bc085ce8e79c6adeff05f9521
    Patch