CVE-2024-42306

2024-08-1709:15:10

Linux

web.nvd.nist.gov

linux kernel

vulnerability

cve-2024-42306

corrupted block bitmap buffer

filesystem

bh_verified

AI Score

6.8

Confidence

High

EPSS

Percentile

10.8%

JSON

In the Linux kernel, the following vulnerability has been resolved:

udf: Avoid using corrupted block bitmap buffer

When the filesystem block bitmap is corrupted, we detect the corruption
while loading the bitmap and fail the allocation with error. However the
next allocation from the same bitmap will notice the bitmap buffer is
already loaded and tries to allocate from the bitmap with mixed results
(depending on the exact nature of the bitmap corruption). Fix the
problem by using BH_verified bit to indicate whether the bitmap is valid
or not.

Affected configurations

Vulners

Node

linuxlinux_kernelRange6.3–5.4.282

linuxlinux_kernelRange5.5.0–5.10.224

linuxlinux_kernelRange5.11.0–5.15.165

linuxlinux_kernelRange5.16.0–6.1.103

linuxlinux_kernelRange6.2.0–6.6.44

linuxlinux_kernelRange6.7.0–6.10.3

linuxlinux_kernelRange6.11.0≥

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/udf/balloc.c",
      "fs/udf/super.c"
    ],
    "versions": [
      {
        "version": "7648ea9896b3",
        "lessThan": "cae9e59cc416",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "4ac54312f623",
        "lessThan": "2199e157a465",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "099bf90d7fc4",
        "lessThan": "6a43e3c210df",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "6ac8f2c8362a",
        "lessThan": "271cab2ca006",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1e0d4adf17e7",
        "lessThan": "57053b3bcf34",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1e0d4adf17e7",
        "lessThan": "8ca170c39eca",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1e0d4adf17e7",
        "lessThan": "a90d4471146d",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/udf/balloc.c",
      "fs/udf/super.c"
    ],
    "versions": [
      {
        "version": "6.3",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.3",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.4.282",
        "lessThanOrEqual": "5.4.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.10.224",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.15.165",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.1.103",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6.44",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.10.3",
        "lessThanOrEqual": "6.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.11",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]