AZL-48486 CVE-2024-42311 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: hfs: fix to initialize fields of hfsinodeinfo after hfsallocinode Syzbot reports uninitialized value access issue as below: loop0: detected capacity change from 0 to 64 ===================================================== BUG:...

CVE-2024-42297

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel BUG at fs/f2fs/inode.c:933! RIP: 0010:f2fsevictinode+0x1576/0x1590 fs/f2fs/inode.c:933 Call Trace: evict+0x2a4/0x620 fs/inode.c:664...

AZL-49746 CVE-2024-42297 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel BUG at fs/f2fs/inode.c:933! RIP: 0010:f2fsevictinode+0x1576/0x1590 fs/f2fs/inode.c:933 Call Trace: evict+0x2a4/0x620 fs/inode.c:664...

DEBIAN-CVE-2024-42296

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fsconvertinlineinode If device is readonly, make f2fsconvertinlineinode return EROFS instead of zero, otherwise it may trigger panic during writeback of inline inode's dirty page as below:...

DEBIAN-CVE-2024-42297

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel BUG at fs/f2fs/inode.c:933! RIP: 0010:f2fsevictinode+0x1576/0x1590 fs/f2fs/inode.c:933 Call Trace: evict+0x2a4/0x620 fs/inode.c:664...

UBUNTU-CVE-2024-42296

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fsconvertinlineinode If device is readonly, make f2fsconvertinlineinode return EROFS instead of zero, otherwise it may trigger panic during writeback of inline inode's dirty page as below:...

UBUNTU-CVE-2024-42311

In the Linux kernel, the following vulnerability has been resolved: hfs: fix to initialize fields of hfsinodeinfo after hfsallocinode Syzbot reports uninitialized value access issue as below: loop0: detected capacity change from 0 to 64 ===================================================== BUG:...

UBUNTU-CVE-2024-42312

In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize iuid/igid Always initialize iuid/igid inside the sysfs core so setownership can safely skip setting them. Commit 5ec27ec735ba "fs/proc/procsysctl.c: fix the default values of iuid/igid on /proc/sys...

UBUNTU-CVE-2024-42297

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel BUG at fs/f2fs/inode.c:933! RIP: 0010:f2fsevictinode+0x1576/0x1590 fs/f2fs/inode.c:933 Call Trace: evict+0x2a4/0x620 fs/inode.c:664...

CVE-2024-42297

CVE-2024-42297 concerns a Linux kernel f2fs issue where inodes are marked dirty during operations on a readonly filesystem, triggering a kernel panic during unmount. Root cause chain: do_sys_open -> f2fs_lookup -> __f2fs_find_entry -> f2fs_i_depth_write -> f2fs_mark_inode_dirty_sync -...

CVE-2024-42297 f2fs: fix to don't dirty inode for readonly filesystem

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel BUG at fs/f2fs/inode.c:933! RIP: 0010:f2fsevictinode+0x1576/0x1590 fs/f2fs/inode.c:933 Call Trace: evict+0x2a4/0x620 fs/inode.c:664...

CVE-2024-42297 f2fs: fix to don't dirty inode for readonly filesystem

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel BUG at fs/f2fs/inode.c:933! RIP: 0010:f2fsevictinode+0x1576/0x1590 fs/f2fs/inode.c:933 Call Trace: evict+0x2a4/0x620 fs/inode.c:664...

CVE-2024-42297 f2fs: fix to don't dirty inode for readonly filesystem

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel BUG at fs/f2fs/inode.c:933! RIP: 0010:f2fsevictinode+0x1576/0x1590 fs/f2fs/inode.c:933 Call Trace: evict+0x2a4/0x620 fs/inode.c:664...

CVE-2024-42297

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel BUG at fs/f2fs/inode.c:933! RIP: 0010:f2fsevictinode+0x1576/0x1590 fs/f2fs/inode.c:933 Call Trace: evict+0x2a4/0x620 fs/inode.c:664...

CVE-2024-42296 f2fs: fix return value of f2fs_convert_inline_inode()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fsconvertinlineinode If device is readonly, make f2fsconvertinlineinode return EROFS instead of zero, otherwise it may trigger panic during writeback of inline inode's dirty page as below:...

CVE-2024-42296 f2fs: fix return value of f2fs_convert_inline_inode()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fsconvertinlineinode If device is readonly, make f2fsconvertinlineinode return EROFS instead of zero, otherwise it may trigger panic during writeback of inline inode's dirty page as below:...

CVE-2024-42296 f2fs: fix return value of f2fs_convert_inline_inode()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fsconvertinlineinode If device is readonly, make f2fsconvertinlineinode return EROFS instead of zero, otherwise it may trigger panic during writeback of inline inode's dirty page as below:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from f2fs failing to properly handle read-only devices in the f2fsconvertinlineinode function, resulting in an...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to always initialize iuid/igid...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to properly initialize fields of the hfsinodeinfo structure...