CVE-2024-47669

MEDIUM EPSS 11.4%
Published Oct 9, 20241y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Oct 9, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix state management in error path of log writing function After commit a694291a6211 ("nilfs2: separate wait function from nilfs_segctor_write") was applied, the log writing function nilfs_segctor_do_construct() was able to issue I/O requests continuously even if user data blocks were split into multiple logs across segments, but two potential flaws were introduced in its error handling. First, if nilfs_segctor_begin_construction() fails while creating the second or subsequent logs, the log writing function returns without calling nilfs_segctor_abort_construction(), so the writeback flag set on pages/folios will remain uncleared. This causes page cache operations to hang waiting for the writeback flag. For example, truncate_inode_pages_final(), which is called via nilfs_evict_inode() when an inode is evicted from memory, will hang. Second, the NILFS_I_COLLECTED flag set on normal inodes remain uncleared. As a result, if the next log write involves checkpoint creation, that's fine, but if a partial log write is performed that does not, inodes with NILFS_I_COLLECTED set are erroneously removed from the "sc_dirty_files" list, and their data and b-tree blocks may not be written to the device, corrupting the block mapping. Fix these issues by uniformly calling nilfs_segctor_abort_construction() on failure of each step in the loop in nilfs_segctor_do_construct(), having it clean up logs and segment usages according to progress, and correcting the conditions for calling nilfs_redirty_inodes() to ensure that the NILFS_I_COLLECTED flag is cleared.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
11.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 13

VendorProductVersionRange
linuxlinux_kernel*≥2.6.33  –  <4.19.322
linuxlinux_kernel*≥4.20  –  <5.4.284
linuxlinux_kernel*≥5.5  –  <5.10.226
linuxlinux_kernel*≥5.11  –  <5.15.167
linuxlinux_kernel*≥5.16  –  <6.1.110
linuxlinux_kernel*≥6.2  –  <6.6.51
linuxlinux_kernel*≥6.7  –  <6.10.10
linuxlinux_kernel6.11any
linuxlinux_kernel6.11any
linuxlinux_kernel6.11any
linuxlinux_kernel6.11any
linuxlinux_kernel6.11any
linuxlinux_kernel6.11any

References 9

  • git.kernel.org https://git.kernel.org/stable/c/036441e8438b29111fa75008f0ce305fb4e83c0a
    Mailing ListPatch
  • git.kernel.org https://git.kernel.org/stable/c/0a1a961bde4351dc047ffdeb2f1311ca16a700cc
    Mailing ListPatch
  • git.kernel.org https://git.kernel.org/stable/c/30562eff4a6dd35c4b5be9699ef61ad9f5f20a06
    Mailing ListPatch
  • git.kernel.org https://git.kernel.org/stable/c/3e349d7191f0688fc9808ef24fd4e4b4ef5ca876
    Mailing ListPatch
  • git.kernel.org https://git.kernel.org/stable/c/40a2757de2c376ef8a08d9ee9c81e77f3c750adf
    Mailing ListPatch
  • git.kernel.org https://git.kernel.org/stable/c/6576dd6695f2afca3f4954029ac4a64f82ba60ab
    Mailing ListPatch
  • git.kernel.org https://git.kernel.org/stable/c/74866c16ea2183f52925fa5d76061a1fe7f7737b
    Mailing ListPatch
  • git.kernel.org https://git.kernel.org/stable/c/efdde00d4a1ef10bb71e09ebc67823a3d3ad725b
    Mailing ListPatch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/036441e8438b29111fa75008f0ce305fb4e83c0a
    Mailing ListPatch
  • git.kernel.org https://git.kernel.org/stable/c/0a1a961bde4351dc047ffdeb2f1311ca16a700cc
    Mailing ListPatch
  • git.kernel.org https://git.kernel.org/stable/c/30562eff4a6dd35c4b5be9699ef61ad9f5f20a06
    Mailing ListPatch
  • git.kernel.org https://git.kernel.org/stable/c/3e349d7191f0688fc9808ef24fd4e4b4ef5ca876
    Mailing ListPatch
  • git.kernel.org https://git.kernel.org/stable/c/40a2757de2c376ef8a08d9ee9c81e77f3c750adf
    Mailing ListPatch
  • git.kernel.org https://git.kernel.org/stable/c/6576dd6695f2afca3f4954029ac4a64f82ba60ab
    Mailing ListPatch
  • git.kernel.org https://git.kernel.org/stable/c/74866c16ea2183f52925fa5d76061a1fe7f7737b
    Mailing ListPatch
  • git.kernel.org https://git.kernel.org/stable/c/efdde00d4a1ef10bb71e09ebc67823a3d3ad725b
    Mailing ListPatch