5.5 CVE-2024-50202

Enriched by CISA Patch
 

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: propagate directory read errors from nilfs_find_entry()

Syzbot reported that a task hang occurs in vcs_open() during a fuzzing test for nilfs2.

The root cause of this problem is that nilfs_find_entry(), which searches for directory entries, ignores errors when loading a directory page/folio via nilfs_get_folio() fails.

If the filesystem image is corrupted, and the i_size of the directory inode is large, and the directory page/folio is successfully read but fails the sanity check, for example when it is zero-filled, nilfs_check_folio() may continue to spit out error messages in bursts.

Fix this issue by propagating the error to the callers when loading a page/folio fails in nilfs_find_entry().

The current interface of nilfs_find_entry() and its callers is outdated and cannot propagate error codes such as -EIO and -ENOMEM returned via nilfs_find_entry(), so fix it together.
https://nvd.nist.gov/vuln/detail/CVE-2024-50202
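
A simplified userspace model of the failure mode described above, added here as an illustration; it is not the nilfs2 source or the upstream patch. The names dir_model, model_get_page, find_entry_before and find_entry_after, the toy page size and the sample pages are all hypothetical.

```c
#include <errno.h>
#include <string.h>

#define PAGE_SZ 16                      /* toy page size (constructed) */
struct dir_model {                      /* hypothetical stand-in for a directory */
    size_t npages;                      /* grows with i_size on a real image */
    const char (*pages)[PAGE_SZ];
    unsigned long errors_logged;        /* one count per error message */
};

/* Constructed sample: one valid page, then three zero-filled (corrupt) pages. */
static const char sample_pages[4][PAGE_SZ] = { "a.txt", {0}, {0}, {0} };

/* Load page n; a zero-filled page fails the sanity check and yields -EIO. */
static const char *model_get_page(struct dir_model *d, size_t n, int *err)
{
    static const char zero[PAGE_SZ];
    *err = memcmp(d->pages[n], zero, PAGE_SZ) ? 0 : -EIO;
    d->errors_logged += (*err != 0);
    return *err ? NULL : d->pages[n];
}

/* Before: load errors are ignored, so corruption looks like "not found". */
static const char *find_entry_before(struct dir_model *d, const char *name)
{
    for (size_t n = 0; n < d->npages; n++) {
        int err;
        const char *p = model_get_page(d, n, &err);
        if (p && strncmp(p, name, PAGE_SZ) == 0)
            return p;                   /* on error: keep scanning, keep logging */
    }
    return NULL;
}

/* After: the first load error ends the scan and is returned to the caller. */
static int find_entry_after(struct dir_model *d, const char *name, const char **res)
{
    for (size_t n = 0; n < d->npages; n++) {
        int err;
        const char *p = model_get_page(d, n, &err);
        if (!p)
            return err;
        if (strncmp(p, name, PAGE_SZ) == 0) {
            *res = p;
            return 0;
        }
    }
    return -ENOENT;
}
```

In the first variant the number of logged errors scales with the number of pages, which is why a large i_size on a corrupted image produces bursts of messages; in the second the caller can tell -EIO apart from -ENOENT.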

Categories

CWE-755 : Improper Handling of Exceptional Conditions
The product does not handle or incorrectly handles an exceptional condition.

Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.).

Observed examples:
  • SDK for OPC Unified Architecture (OPC UA) server has uncaught exception when a socket is blocked for writing but the server tries to send an error
  • Chain: JavaScript-based cryptocurrency library can fall back to the insecure Math.random() function instead of reporting a failure (CWE-392), thus reducing the entropy (CWE-332) and leading to generation of non-unique cryptographic keys for Bitcoin wallets (CWE-1391)
  • virtual interrupt controller in a virtualization product allows crash of host by writing a certain invalid value to a register, which triggers a fatal error instead of returning an error code
  • Chain: OS kernel does not properly handle a failure of a function call (CWE-755), leading to an unlock of a resource that was not locked (CWE-832), with resultant crash.


AFFECTED (from MITRE)


Vendor Product Versions
Linux Linux
  • 2ba466d74ed74f073257f86e61519cb8f8f46184 < bb857ae1efd3138c653239ed1e7aef14e1242c81 [affected]
  • 2ba466d74ed74f073257f86e61519cb8f8f46184 < b4b3dc9e7e604be98a222e9f941f5e93798ca475 [affected]
  • 2ba466d74ed74f073257f86e61519cb8f8f46184 < c1d0476885d708a932980b0f28cd90d9bd71db39 [affected]
  • 2ba466d74ed74f073257f86e61519cb8f8f46184 < edf8146057264191d5bfe5b91773f13d936dadd3 [affected]
  • 2ba466d74ed74f073257f86e61519cb8f8f46184 < 270a6f9df35fa2aea01ec23770dc9b3fc9a12989 [affected]
  • 2ba466d74ed74f073257f86e61519cb8f8f46184 < 9698088ac7704e260f492d9c254e29ed7dd8729a [affected]
  • 2ba466d74ed74f073257f86e61519cb8f8f46184 < efa810b15a25531cbc2f527330947b9fe16916e7 [affected]
  • 2ba466d74ed74f073257f86e61519cb8f8f46184 < 08cfa12adf888db98879dbd735bc741360a34168 [affected]
Linux Linux
  • 2.6.30 [affected]
  • < 2.6.30 [unaffected]
  • 4.19.323 ≤ 4.19.* [unaffected]
  • 5.4.285 ≤ 5.4.* [unaffected]
  • 5.10.228 ≤ 5.10.* [unaffected]
  • 5.15.169 ≤ 5.15.* [unaffected]
  • 6.1.114 ≤ 6.1.* [unaffected]
  • 6.6.58 ≤ 6.6.* [unaffected]
  • 6.11.5 ≤ 6.11.* [unaffected]
  • 6.12 ≤ * [unaffected]
© 2022 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

CPE

cpe start end
Configuration 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 2.6.30 < 4.19.323
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 4.20 < 5.4.285
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 5.5 < 5.10.228
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 5.11 < 5.15.169
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 5.16 < 6.1.114
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 6.2 < 6.6.58
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 6.7 < 6.11.5
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*


REMEDIATION


Patch

Url
https://git.kernel.org/stable/c/08cfa12adf888db98879dbd735bc741360a34168
https://git.kernel.org/stable/c/270a6f9df35fa2aea01ec23770dc9b3fc9a12989
https://git.kernel.org/stable/c/9698088ac7704e260f492d9c254e29ed7dd8729a
https://git.kernel.org/stable/c/b4b3dc9e7e604be98a222e9f941f5e93798ca475
https://git.kernel.org/stable/c/bb857ae1efd3138c653239ed1e7aef14e1242c81
https://git.kernel.org/stable/c/c1d0476885d708a932980b0f28cd90d9bd71db39
https://git.kernel.org/stable/c/edf8146057264191d5bfe5b91773f13d936dadd3
https://git.kernel.org/stable/c/efa810b15a25531cbc2f527330947b9fe16916e7


EXPLOITS


Exploit-db.com

id description date
No known exploits

POC Github

Url
No known exploits

Other Nist (github, ...)

Url
No known exploits


CAPEC


Common Attack Pattern Enumerations and Classifications

id description severity
No entry