2 matches found
CVE-2024-42304
In CVE-2024-42304, the Linux kernel ext4 filesystem had a hole-handling bug: if the first directory block is a hole (no dirblock) but a valid dentry exists, code relying on "."/".." could crash. The fix is to report filesystem corruption and return an error when ext4_read_dirblock() detects a hol...
CVE-2024-42312
CVE-2024-42312 relates to the Linux kernel vulnerability where sysctl did not consistently initialize i_uid/i_gid. The resolution initializes i_uid/i_gid inside the sysfs core so that set_ownership() can safely skip setting them. The change is documented as part of commit 5ec27ec735ba, which fixe...