CVE-2024-41086
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
bcachefs: Fix sb_field_downgrade validation
bch2_sb_downgrade_validate() wasn't checking for a downgrade entry extending past the end of the superblock section
for_each_downgrade_entry() is used in to_text() and needs to work on malformed input; it also was missing a check for a field extending past the end of the section
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 84f1638795da1ff2084597de4251e9054f1ad728 < bf920ed92ef24dcd6970c88881cd4700b3acf05b | affected |
| Linux | Linux | 84f1638795da1ff2084597de4251e9054f1ad728 < 692aa7a54b2b28d59f24b3bf8250837805484b99 | affected |
| Linux | Linux | 6.7 | affected |
| Linux | Linux | 0 < 6.7 | unaffected |
| Linux | Linux | 6.9.8 <= 6.9.* | unaffected |
| Linux | Linux | 6.10 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/bf920ed92ef24dcd6970c88881cd4700b3acf05b
- https://git.kernel.org/stable/c/692aa7a54b2b28d59f24b3bf8250837805484b99
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/bf920ed92ef24dcd6970c88881cd4700b3acf05b
- https://git.kernel.org/stable/c/692aa7a54b2b28d59f24b3bf8250837805484b99
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.