CVE-2024-40913 cachefiles: defer exposing anon_fd until after copy_to_user() succeeds

🗓️ 12 Jul 2024 12:24:57Reported by LinuxType

cachefiles: fix cache UAF by deferring exposing anon_fd until after successful copy_to_user(

Reporter	Title	Published	Views	Family All 115
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-836)	5 Feb 202500:00	–	nessus
Tenable Nessus	Debian dla-4008 : linux-config-6.1 - security update	3 Jan 202500:00	–	nessus
Tenable Nessus	Debian dsa-5731 : affs-modules-6.1.0-21-4kc-malta-di - security update	16 Jul 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP12 : kernel (EulerOS-SA-2024-2519)	9 Oct 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP12 : kernel (EulerOS-SA-2024-2544)	9 Oct 202400:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.12.1 : kernel (EulerOS-SA-2024-2763)	27 Oct 202400:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.12.0 : kernel (EulerOS-SA-2024-2781)	27 Oct 202400:00	–	nessus
Tenable Nessus	MiracleLinux 9 : kernel-5.14.0-503.11.1.el9_5 (AXSA:2025-9528:03)	20 Jan 202600:00	–	nessus
Tenable Nessus	NewStart CGSL MAIN 7.02 : kernel Multiple Vulnerabilities (NS-SA-2025-0084)	9 Jun 202500:00	–	nessus
Tenable Nessus	NewStart CGSL MAIN 7.02 : kernel Multiple Vulnerabilities (NS-SA-2025-0118)	25 Jul 202500:00	–	nessus

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/cachefiles/ondemand.c"
    ],
    "versions": [
      {
        "version": "c8383054506c77b814489c09877b5db83fd4abf2",
        "lessThan": "eac51d9daacd61dcc93333ff6a890cf3efc8c1c0",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "c8383054506c77b814489c09877b5db83fd4abf2",
        "lessThan": "d2d3eb377a5d081bf2bed177d354a4f59b74da88",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "c8383054506c77b814489c09877b5db83fd4abf2",
        "lessThan": "b9f58cdae6a364a3270fd6b6a46e0fd4f7f8ce32",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "c8383054506c77b814489c09877b5db83fd4abf2",
        "lessThan": "4b4391e77a6bf24cba2ef1590e113d9b73b11039",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/cachefiles/ondemand.c"
    ],
    "versions": [
      {
        "version": "5.19",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.19",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.95",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.35",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.9.6",
        "lessThanOrEqual": "6.9.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.10",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/d2d3eb377a5d081bf2bed177d354a4f59b74da88
git	www.git.kernel.org/stable/c/eac51d9daacd61dcc93333ff6a890cf3efc8c1c0
git	www.git.kernel.org/stable/c/4b4391e77a6bf24cba2ef1590e113d9b73b11039
git	www.git.kernel.org/stable/c/b9f58cdae6a364a3270fd6b6a46e0fd4f7f8ce32

11 May 2026 20:22Current

EPSS0.00287