We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-47757

nilfs2: fix potential oob read in nilfs_btree_check_delete()



AssignerLinux
Reserved2024-09-30
Published2024-10-21
Updated2024-10-21

Description

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential oob read in nilfs_btree_check_delete() The function nilfs_btree_check_delete(), which checks whether degeneration to direct mapping occurs before deleting a b-tree entry, causes memory access outside the block buffer when retrieving the maximum key if the root node has no entries. This does not usually happen because b-tree mappings with 0 child nodes are never created by mkfs.nilfs2 or nilfs2 itself. However, it can happen if the b-tree root node read from a device is configured that way, so fix this potential issue by adding a check for that case.

Product status

Default status
unaffected

17c76b0104e4 before d20674f31626
affected

17c76b0104e4 before c4f8554996e8
affected

17c76b0104e4 before a8abfda768b9
affected

17c76b0104e4 before 257f9e5185eb
affected

17c76b0104e4 before a33e967b681e
affected

17c76b0104e4 before c4cbcc64bb31
affected

17c76b0104e4 before f9c96351aa67
affected

Default status
affected

2.6.30
affected

Any version before 2.6.30
unaffected

5.10.227
unaffected

5.15.168
unaffected

6.1.113
unaffected

6.6.54
unaffected

6.10.13
unaffected

6.11.2
unaffected

6.12-rc1
unaffected

References

https://git.kernel.org/stable/c/d20674f31626e0596ae4c1d9401dfb6739b81b58

https://git.kernel.org/stable/c/c4f8554996e8ada3be872dfb8f60e93bcf15fb27

https://git.kernel.org/stable/c/a8abfda768b9f33630cfbc4af6c4214f1e5681b0

https://git.kernel.org/stable/c/257f9e5185eb6de83377caea686c306e22e871f2

https://git.kernel.org/stable/c/a33e967b681e088a125b979975c93e3453e686cd

https://git.kernel.org/stable/c/c4cbcc64bb31e67e02940ce060cc77f7180564cf

https://git.kernel.org/stable/c/f9c96351aa6718b42a9f42eaf7adce0356bdb5e8

cve.org CVE-2024-47757

nvd.nist.gov CVE-2024-47757

Download JSON

Share this page
https://cve.threatint.com
Subscribe to our newsletter to learn more about our work.