CVE-2024-35948

Summary

In the Linux kernel, the following vulnerability has been resolved:

bcachefs: Check for journal entries overruning end of sb clean section

Fix a missing bounds check in superblock validation.

Note that we don't yet have repair code for this case - repair code for individual items is generally low priority, since the whole superblock is checksummed, validated prior to write, and we have backups.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1c6fdbd8f2465ddfb73a01ec620cbf3d14044e1a < fcdbc1d7a4b638e5d5668de461f320386f3002aaaffected
LinuxLinux6.7affected
LinuxLinux0 < 6.7unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References