CVE-2024-47700

Summary

In the Linux kernel, the following vulnerability has been resolved:

ext4: check stripe size compatibility on remount as well

We disable stripe size in __ext4_fill_super if it is not a multiple of the cluster ratio however this check is missed when trying to remount. This can leave us with cases where stripe < cluster_ratio after remount:set making EXT4_B2C(sbi->s_stripe) become 0 that can cause some unforeseen bugs like divide by 0.

Fix that by adding the check in remount path as well.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc3defd99d58cbdd132bd197714e5523dac976b66 < faeff8b1ee2eaa5969c8e994d66c3337298cefedaffected
LinuxLinuxc3defd99d58cbdd132bd197714e5523dac976b66 < 297615e992bbb30a55c158141086be6505d5d722affected
LinuxLinuxc3defd99d58cbdd132bd197714e5523dac976b66 < a31b712f75445d52fc0451dc54fd7b16a552cb7caffected
LinuxLinuxc3defd99d58cbdd132bd197714e5523dac976b66 < ee85e0938aa8f9846d21e4d302c3cf6a2a75110daffected
LinuxLinux6.5affected
LinuxLinux0 < 6.5unaffected
LinuxLinux6.6.54 <= 6.6.*unaffected
LinuxLinux6.10.13 <= 6.10.*unaffected
LinuxLinux6.11.2 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References