SB20240731103 - Improper error handling in Linux kernel nilfs2
Published: July 31, 2024 Updated: May 12, 2025
Security Bulletin ID
SB20240731103
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper error handling (CVE-ID: CVE-2024-41034)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nilfs_dotdot() function in fs/nilfs2/dir.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/ff9767ba2cb949701e45e6e4287f8af82986b703
- https://git.kernel.org/stable/c/24c1c8566a9b6be51f5347be2ea76e25fc82b11e
- https://git.kernel.org/stable/c/a9a466a69b85059b341239766a10efdd3ee68a4b
- https://git.kernel.org/stable/c/7000b438dda9d0f41a956fc9bffed92d2eb6be0d
- https://git.kernel.org/stable/c/1a8879c0771a68d70ee2e5e66eea34207e8c6231
- https://git.kernel.org/stable/c/60f61514374e4a0c3b65b08c6024dd7e26150bfd
- https://git.kernel.org/stable/c/298cd810d7fb687c90a14d8f9fd1b8719a7cb8a5
- https://git.kernel.org/stable/c/a9e1ddc09ca55746079cc479aa3eb6411f0d99d4
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.318
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.222
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.163
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.280
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.100
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.41