4 matches found
CVE-2024-47740
In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODEWRITE for atomic write ioctls The F2FS ioctls for starting and committing atomic writes check for inodeownerorcapable, but this does not give LSMs like SELinux or Landlock an opportunity to deny the write acces...
CVE-2024-47740 f2fs: Require FMODE_WRITE for atomic write ioctls
In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODEWRITE for atomic write ioctls The F2FS ioctls for starting and committing atomic writes check for inodeownerorcapable, but this does not give LSMs like SELinux or Landlock an opportunity to deny the write acces...
CVE-2024-47740 f2fs: Require FMODE_WRITE for atomic write ioctls
In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODEWRITE for atomic write ioctls The F2FS ioctls for starting and committing atomic writes check for inodeownerorcapable, but this does not give LSMs like SELinux or Landlock an opportunity to deny the write acces...
CVE-2024-47740
The CVE-2024-47740 issue affects the Linux kernel F2FS atomic-write ioctls. Previously, F2FS_IOC_START_ATOMIC_REPLACE/COMMIT_ATOMIC_WRITE could bypass LSM deny checks because inode_owner_or_capable() could return true when the caller’s FSUID matched the inode UID. The fix requires FMODE_WRITE for...