Lucene search
Redhat.comRH:CVE-2024-40972HistoryJul 16, 2024 - 5:26 p.m.
CVE-2024-40972
2024-07-1617:26:34
redhat.com
access.redhat.com
10
linux kernel
cve-2024-40972
ext4 vulnerability
buffer lock
ea inode creation
In the Linux kernel, the following vulnerability has been resolved: ext4: do not create EA inode under buffer lock ext4_xattr_set_entry() creates new EA inodes while holding buffer lock on the external xattr block. This is problematic as it nests all the allocation locking (which acquires locks on other buffers) under the buffer lock. This can even deadlock when the filesystem is corrupted and e.g. quota file is setup to contain xattr block as data block. Move the allocation of EA inode out of ext4_xattr_set_entry() into the callers.
Related
nvd
nvd
CVE-2024-40972
2024-07-12 13:15:18
debiancve
debiancve
CVE-2024-40972
2024-07-12 13:15:18
vulnrichment
vulnrichment
CVE-2024-40972 ext4: do not create EA inode under buffer lock
2024-07-12 12:32:10
cve
cve
CVE-2024-40972
2024-07-12 13:15:18
osv
osv
CVE-2024-40972
2024-07-12 13:15:00
linux-azure vulnerabilities
2024-09-12 13:23:45
linux-nvidia, linux-nvidia-lowlatency vulnerabilities
2024-09-12 13:47:54
cvelist
cvelist
CVE-2024-40972 ext4: do not create EA inode under buffer lock
2024-07-12 12:32:10
ubuntucve
ubuntucve
CVE-2024-40972
2024-07-12 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2802-1)
2024-08-08 00:00:00
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6999-1)
2024-09-11 00:00:00
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7005-2)
2024-09-13 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-7004-1)
2024-09-13 00:00:00
Ubuntu: Security Advisory (USN-7005-2)
2024-09-16 00:00:00
Ubuntu: Security Advisory (USN-7005-1)
2024-09-13 00:00:00