The vulnerability of the `ovl_verify_area()` function in the `fs/overlayfs/copy_up.c` component of the Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the ovlverifyarea function in the fs/overlayfs/copyup.c component of the Linux kernel is related to the insufficient use of the assert function. Exploiting this vulnerability could allow an attacker to cause a system failure...

CVE-2024-27069

In the Linux kernel, the following vulnerability has been resolved: ovl: relax WARNON in ovlverifyarea syzbot hit an assertion in copy up data loop which looks like it is the result of a lower file whose size is being changed underneath overlayfs. This type of use case is documented to cause...

CVE-2024-27069

CVE-2024-27069 affects the Linux kernel overlayfs ovl_verify_area path. The issue was a WARN_ON assertion triggered by syzbot’s copy-up loop when a lower file’s size changes underneath overlayfs. The documented fix relaxes the WARN_ON in ovl_verify_area and aligns error handling (returning EIO fo...

CVE-2024-27069 ovl: relax WARN_ON in ovl_verify_area()

In the Linux kernel, the following vulnerability has been resolved: ovl: relax WARNON in ovlverifyarea syzbot hit an assertion in copy up data loop which looks like it is the result of a lower file whose size is being changed underneath overlayfs. This type of use case is documented to cause...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a security flaw in the function ovlverifyarea...