Lucene search
416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2024-40972HistoryJul 12, 2024 - 1:15 p.m.
CVE-2024-40972
2024-07-1213:15:18
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
4
linux kernel
vulnerability
cve-2024-40972
ext4
buffer lock
ea inode
xattr block
EPSS
0
Percentile
16.4%
In the Linux kernel, the following vulnerability has been resolved:
ext4: do not create EA inode under buffer lock
ext4_xattr_set_entry() creates new EA inodes while holding buffer lock
on the external xattr block. This is problematic as it nests all the
allocation locking (which acquires locks on other buffers) under the
buffer lock. This can even deadlock when the filesystem is corrupted and
e.g. quota file is setup to contain xattr block as data block. Move the
allocation of EA inode out of ext4_xattr_set_entry() into the callers.
Related
vulnrichment
vulnrichment
CVE-2024-40972 ext4: do not create EA inode under buffer lock
2024-07-12 12:32:10
cve
cve
CVE-2024-40972
2024-07-12 13:15:18
redhatcve
redhatcve
CVE-2024-40972
2024-07-16 17:26:34
debiancve
debiancve
CVE-2024-40972
2024-07-12 13:15:18
osv
osv
CVE-2024-40972
2024-07-12 13:15:00
linux-nvidia, linux-nvidia-lowlatency vulnerabilities
2024-09-12 13:47:54
linux-nvidia-6.8 vulnerabilities
2024-09-13 11:22:12
cvelist
cvelist
CVE-2024-40972 ext4: do not create EA inode under buffer lock
2024-07-12 12:32:10
ubuntucve
ubuntucve
CVE-2024-40972
2024-07-12 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2802-1)
2024-08-08 00:00:00
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7005-2)
2024-09-13 00:00:00
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6999-1)
2024-09-11 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-7005-2)
2024-09-16 00:00:00
Ubuntu: Security Advisory (USN-7005-1)
2024-09-13 00:00:00
Ubuntu: Security Advisory (USN-7004-1)
2024-09-13 00:00:00