We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-53147

exfat: fix out-of-bounds access of directory entries



Description

In the Linux kernel, the following vulnerability has been resolved: exfat: fix out-of-bounds access of directory entries In the case of the directory size is greater than or equal to the cluster size, if start_clu becomes an EOF cluster(an invalid cluster) due to file system corruption, then the directory entry where ei->hint_femp.eidx hint is outside the directory, resulting in an out-of-bounds access, which may cause further file system corruption. This commit adds a check for start_clu, if it is an invalid cluster, the file or directory will be treated as empty.

Reserved 2024-11-19 | Published 2024-12-24 | Updated 2025-01-20 | Assigner Linux

Product status

Default status
unaffected

1acf1a564b6034b5af1e7fb23cb98cb3bb4f6003 before a0120d6463368378539ef928cf067d02372efb8c
affected

1acf1a564b6034b5af1e7fb23cb98cb3bb4f6003 before 3ddd1cb2b458ff6a193bc845f408dfff217db29e
affected

1acf1a564b6034b5af1e7fb23cb98cb3bb4f6003 before 184fa506e392eb78364d9283c961217ff2c0617b
affected

Default status
affected

5.7
affected

Any version before 5.7
unaffected

6.11.11
unaffected

6.12.2
unaffected

6.13
unaffected

References

git.kernel.org/...c/a0120d6463368378539ef928cf067d02372efb8c

git.kernel.org/...c/3ddd1cb2b458ff6a193bc845f408dfff217db29e

git.kernel.org/...c/184fa506e392eb78364d9283c961217ff2c0617b

cve.org (CVE-2024-53147)

nvd.nist.gov (CVE-2024-53147)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-53147

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.