CVE-2024-49859

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to check atomic_file in f2fs ioctl interfaces Some f2fs ioctl interfaces like f2fs_ioc_set_pin_file(), f2fs_move_file_range(), and f2fs_defragment_range() missed to check atomic_write status, which may cause potential race issue, fix it.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

22 Oct 2024, 16:13

Type Values Removed Values Added
CWE NVD-CWE-noinfo CWE-362
CVSS v2 : unknown
v3 : 5.3
v2 : unknown
v3 : 4.7

22 Oct 2024, 15:24

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/10569b682ebe9c75ef06ddd322ae844e9be6374b - () https://git.kernel.org/stable/c/10569b682ebe9c75ef06ddd322ae844e9be6374b - Patch
References () https://git.kernel.org/stable/c/26b07bd2e1f124b0e430c8d250023f7205c549c3 - () https://git.kernel.org/stable/c/26b07bd2e1f124b0e430c8d250023f7205c549c3 - Patch
References () https://git.kernel.org/stable/c/7cb51731f24b216b0b87942f519f2c67a17107ee - () https://git.kernel.org/stable/c/7cb51731f24b216b0b87942f519f2c67a17107ee - Patch
References () https://git.kernel.org/stable/c/bfe5c02654261bfb8bd9cb174a67f3279ea99e58 - () https://git.kernel.org/stable/c/bfe5c02654261bfb8bd9cb174a67f3279ea99e58 - Patch
References () https://git.kernel.org/stable/c/d6f08c88047accc6127dddb6798a3ff11321539d - () https://git.kernel.org/stable/c/d6f08c88047accc6127dddb6798a3ff11321539d - Patch
First Time Linux linux Kernel
Linux
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: f2fs: corrección para verificar atomic_file en las interfaces ioctl de f2fs Algunas interfaces ioctl de f2fs como f2fs_ioc_set_pin_file(), f2fs_move_file_range() y f2fs_defragment_range() no pudieron verificar el estado de atomic_write, lo que puede causar un posible problema de ejecución. Corríjalo.
CWE NVD-CWE-noinfo
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.3

21 Oct 2024, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-21 13:15

Updated : 2024-10-22 16:13


NVD link : CVE-2024-49859

Mitre link : CVE-2024-49859

CVE.ORG link : CVE-2024-49859


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')