Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2024-39469
HistoryJun 25, 2024 - 2:28 p.m.

CVE-2024-39469 nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors

2024-06-2514:28:55
Linux
www.cve.org
4
cve-2024-39469
nilfs2
long loop
i/o errors
linux kernel
directory folio/page
file system
log writer thread

0.0004 Low

EPSS

Percentile

15.7%

JSON

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors

The error handling in nilfs_empty_dir() when a directory folio/page read
fails is incorrect, as in the old ext2 implementation, and if the
folio/page cannot be read or nilfs_check_folio() fails, it will falsely
determine the directory as empty and corrupt the file system.

In addition, since nilfs_empty_dir() does not immediately return on a
failed folio/page read, but continues to loop, this can cause a long loop
with I/O if i_size of the directory’s inode is also corrupted, causing the
log writer thread to wait and hang, as reported by syzbot.

Fix these issues by making nilfs_empty_dir() immediately return a false
value (0) if it fails to get a directory folio/page.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/nilfs2/dir.c"
    ],
    "versions": [
      {
        "version": "2ba466d74ed7",
        "lessThan": "129dcd3e7d03",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "2ba466d74ed7",
        "lessThan": "d18b05eda7fa",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "2ba466d74ed7",
        "lessThan": "59f14875a96e",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "2ba466d74ed7",
        "lessThan": "7373a51e7998",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/nilfs2/dir.c"
    ],
    "versions": [
      {
        "version": "2.6.30",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "2.6.30",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.1.95",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6.35",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.9.5",
        "lessThanOrEqual": "6.9.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.10-rc3",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

nvd 1
debiancve 1
cve 1
redhatcve 1
nvd
nvd
CVE-2024-39469
2024-06-25 15:15:15
debiancve
debiancve
CVE-2024-39469
2024-06-25 15:15:15
cve
cve
CVE-2024-39469
2024-06-25 15:15:15
redhatcve
redhatcve
CVE-2024-39469
2024-06-25 20:52:31

0.0004 Low

EPSS

Percentile

15.7%

JSON
Related for CVELIST:CVE-2024-39469
nvd1debiancve1cve1redhatcve1