Lucene search
416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2024-26848HistoryApr 17, 2024 - 11:15 a.m.
CVE-2024-26848
2024-04-1711:15:08
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
27
linux kernel
vulnerability
afs module
endless loop
directory parsing
In the Linux kernel, the following vulnerability has been resolved:
afs: Fix endless loop in directory parsing
If a directory has a block with only “.__afsXXXX” files in it (from
uncompleted silly-rename), these .__afsXXXX files are skipped but without
advancing the file position in the dir_context. This leads to
afs_dir_iterate() repeating the block again and again.
Fix this by making the code that skips the .__afsXXXX file also manually
advance the file position.
The symptoms are a soft lookup:
watchdog: BUG: soft lockup - CPU#3 stuck for 52s! [check:5737]
...
RIP: 0010:afs_dir_iterate_block+0x39/0x1fd
...
? watchdog_timer_fn+0x1a6/0x213
...
? asm_sysvec_apic_timer_interrupt+0x16/0x20
? afs_dir_iterate_block+0x39/0x1fd
afs_dir_iterate+0x10a/0x148
afs_readdir+0x30/0x4a
iterate_dir+0x93/0xd3
__do_sys_getdents64+0x6b/0xd4
This is almost certainly the actual fix for:
https://bugzilla.kernel.org/show_bug.cgi?id=218496
Affected configurations
Node
linuxlinux_kernelRange6.8–5.4.271
ORlinuxlinux_kernelRange5.5.0–5.4.273
ORlinuxlinux_kernelRange5.5.0–5.10.212
ORlinuxlinux_kernelRange5.11.0–5.10.214
ORlinuxlinux_kernelRange5.11.0–5.15.151
ORlinuxlinux_kernelRange5.16.0–5.15.153
ORlinuxlinux_kernelRange5.16.0–6.1.81
ORlinuxlinux_kernelRange6.2.0–6.1.83
ORlinuxlinux_kernelRange6.2.0–6.6.21
ORlinuxlinux_kernelRange6.7.0–6.6.23
ORlinuxlinux_kernelRange6.7.0–6.7.9
ORlinuxlinux_kernelRange6.8.0–6.7.11
ORlinuxlinux_kernelRange6.8.0–6.8.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/afs/dir.c"
],
"versions": [
{
"version": "01d15b68f041",
"lessThan": "5c78be006ed9",
"status": "affected",
"versionType": "git"
},
{
"version": "01d15b68f041",
"lessThan": "854ebf45a4dd",
"status": "affected",
"versionType": "git"
},
{
"version": "8499e2f1218e",
"lessThan": "96370ba395c5",
"status": "affected",
"versionType": "git"
},
{
"version": "8499e2f1218e",
"lessThan": "b94f434fe977",
"status": "affected",
"versionType": "git"
},
{
"version": "21a2115e0ca0",
"lessThan": "80b15346492b",
"status": "affected",
"versionType": "git"
},
{
"version": "21a2115e0ca0",
"lessThan": "a6ffae61ad9e",
"status": "affected",
"versionType": "git"
},
{
"version": "ab49164c6080",
"lessThan": "058ed71e0f7a",
"status": "affected",
"versionType": "git"
},
{
"version": "ab49164c6080",
"lessThan": "76426abf9b98",
"status": "affected",
"versionType": "git"
},
{
"version": "a53411e805e0",
"lessThan": "f67898867b6b",
"status": "affected",
"versionType": "git"
},
{
"version": "a53411e805e0",
"lessThan": "106e14ca55a0",
"status": "affected",
"versionType": "git"
},
{
"version": "fa70c6954aab",
"lessThan": "fe02316e4933",
"status": "affected",
"versionType": "git"
},
{
"version": "fa70c6954aab",
"lessThan": "9c41f4935625",
"status": "affected",
"versionType": "git"
},
{
"version": "57e9d49c5452",
"lessThan": "5f7a07646655",
"status": "affected",
"versionType": "git"
},
{
"version": "57e9d49c5452",
"lessThan": "2afdd0cb0232",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/afs/dir.c"
],
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.271",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.273",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.212",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.151",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.81",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.21",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
}
]
}
]References
git.kernel.org/stable/c/058ed71e0f7aa3b6694ca357e23d084e5d3f2470
git.kernel.org/stable/c/106e14ca55a0acb3236ee98813a1d243f8aa2d05
git.kernel.org/stable/c/2afdd0cb02329464d77f3ec59468395c791a51a4
git.kernel.org/stable/c/5c78be006ed9cb735ac2abf4fd64f3f4ea26da31
git.kernel.org/stable/c/5f7a07646655fb4108da527565dcdc80124b14c4
git.kernel.org/stable/c/76426abf9b980b46983f97de8e5b25047b4c9863
git.kernel.org/stable/c/80b15346492bdba677bbb0adefc611910e505f7b
git.kernel.org/stable/c/854ebf45a4ddd4cadeffb6644e88d19020634e1a
git.kernel.org/stable/c/96370ba395c572ef496fd2c7afc4a1ab3dedd3f0
git.kernel.org/stable/c/9c41f4935625218a2053a2dce1423c3054169809
git.kernel.org/stable/c/a6ffae61ad9ebf2fdcb943135b2f30c85f49cd27
git.kernel.org/stable/c/b94f434fe977689da4291dc21717790b9bd1c064
git.kernel.org/stable/c/f67898867b6b0f4542cddc7fe57997978b948a7a
git.kernel.org/stable/c/fe02316e4933befc621fa125efb8f8b4d04cceec
Related
redhatcve
redhatcve
CVE-2024-26848
2024-04-17 19:53:40
ubuntucve
ubuntucve
CVE-2024-26848
2024-04-17 00:00:00
debiancve
debiancve
CVE-2024-26848
2024-04-17 11:15:08
cvelist
cvelist
CVE-2024-26848 afs: Fix endless loop in directory parsing
2024-04-17 10:14:19
nvd
nvd
CVE-2024-26848
2024-04-17 11:15:08
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1490-1)
2024-05-07 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1659-1)
2024-05-24 00:00:00
Debian: Security Advisory (DSA-5681-1)
2024-05-07 00:00:00
nessus
nessus
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6816-1)
2024-06-07 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1659-1)
2024-05-16 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1490-1)
2024-05-04 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-06-07 00:00:00
debian
debian
[SECURITY] [DSA 5681-1] linux security update
2024-05-06 18:31:39
osv
osv
linux - security update
2024-05-06 00:00:00