CVE-2024-50065

Summary

In the Linux kernel, the following vulnerability has been resolved:

ntfs3: Change to non-blocking allocation in ntfs_d_hash

d_hash is done while under "rcu-walk" and should not sleep. __get_name() allocates using GFP_KERNEL, having the possibility to sleep when under memory pressure. Change the allocation to GFP_NOWAIT.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux58ebd50d22529f79d2497abbb006137a7c7f5336 < c556e72cea2a1131ae418be017dd6fc76fffe2fbaffected
LinuxLinuxd392e85fd1e8d58e460c17ca7d0d5c157848d9c1 < d0c710372e238510db08ea01e7b8bd81ed995dd6affected
LinuxLinuxd392e85fd1e8d58e460c17ca7d0d5c157848d9c1 < 589996bf8c459deb5bbc9747d8f1c51658608103affected
LinuxLinux2e83375fd95b81be0e9ca457cc7c3f23e3575768affected
LinuxLinux6.6.44 < 6.6.57affected
LinuxLinux6.10.3 < 6.11affected
LinuxLinux6.11affected
LinuxLinux0 < 6.11unaffected
LinuxLinux6.6.57 <= 6.6.*unaffected
LinuxLinux6.11.4 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References