CVE-2024-57943

Summary

In the Linux kernel, the following vulnerability has been resolved:

exfat: fix the new buffer was not zeroed before writing

Before writing, if a buffer_head marked as new, its data must be zeroed, otherwise uninitialized data in the page cache will be written.

So this commit uses folio_zero_new_buffers() to zero the new buffers before ->write_end().

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6630ea49103c3d45461e29b0f6eb0ce750aeb8f5 < 942c6f91ab8d82a41650e717940b4e577173762faffected
LinuxLinux6630ea49103c3d45461e29b0f6eb0ce750aeb8f5 < 98e2fb26d1a9eafe79f46d15d54e68e014d81d8caffected
LinuxLinux6.12affected
LinuxLinux0 < 6.12unaffected
LinuxLinux6.12.10 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References