Lucene search
GoogleOSV:CVE-2024-40972HistoryJul 12, 2024 - 1:15 p.m.
CVE-2024-40972
2024-07-1213:15:00
Google
osv.dev
4
linux kernel
ext4
vulnerability
In the Linux kernel, the following vulnerability has been resolved: ext4: do not create EA inode under buffer lock ext4_xattr_set_entry() creates new EA inodes while holding buffer lock on the external xattr block. This is problematic as it nests all the allocation locking (which acquires locks on other buffers) under the buffer lock. This can even deadlock when the filesystem is corrupted and e.g. quota file is setup to contain xattr block as data block. Move the allocation of EA inode out of ext4_xattr_set_entry() into the callers.
Related
vulnrichment
vulnrichment
CVE-2024-40972 ext4: do not create EA inode under buffer lock
2024-07-12 12:32:10
cve
cve
CVE-2024-40972
2024-07-12 13:15:18
redhatcve
redhatcve
CVE-2024-40972
2024-07-16 17:26:34
nvd
nvd
CVE-2024-40972
2024-07-12 13:15:18
debiancve
debiancve
CVE-2024-40972
2024-07-12 13:15:18
cvelist
cvelist
CVE-2024-40972 ext4: do not create EA inode under buffer lock
2024-07-12 12:32:10
ubuntucve
ubuntucve
CVE-2024-40972
2024-07-12 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2802-1)
2024-08-08 00:00:00
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7005-2)
2024-09-13 00:00:00
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6999-1)
2024-09-11 00:00:00
osv
osv
linux-nvidia, linux-nvidia-lowlatency vulnerabilities
2024-09-12 13:47:54
linux-nvidia-6.8 vulnerabilities
2024-09-13 11:22:12
linux-azure vulnerabilities
2024-09-12 13:23:45
openvas
openvas
Ubuntu: Security Advisory (USN-7004-1)
2024-09-13 00:00:00
Ubuntu: Security Advisory (USN-7005-2)
2024-09-16 00:00:00
Ubuntu: Security Advisory (USN-7005-1)
2024-09-13 00:00:00