CVE-2024-50116

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-50116

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

I

n the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of buffer delay flag Syzbot reported that after nilfs2 reads a corrupted file system image and degrades to read-only, the BUG_ON check for the buffer delay flag in submit_bh_wbc() may fail, causing a kernel bug. This is because the buffer delay flag is not cleared when clearing the buffer state flags to discard a page/folio or a buffer head. So, fix this. This became necessary when the use of nilfs2's own page clear routine was expanded. This state inconsistency does not occur if the buffer is written normally by log writing.

References
Link Resource
https://git.kernel.org/stable/c/033bc52f35868c2493a2d95c56ece7fc155d7cb3 Patch
https://git.kernel.org/stable/c/27524f65621f490184f2ace44cd8e5f3685af4a3 Patch
https://git.kernel.org/stable/c/412a30b1b28d6073ba29c46a2b0f324c5936293f Patch
https://git.kernel.org/stable/c/6ed469df0bfbef3e4b44fca954a781919db9f7ab Patch
https://git.kernel.org/stable/c/743c78d455e784097011ea958b27396001181567 Patch
https://git.kernel.org/stable/c/822203f6355f4b322d21e7115419f6b98284be25 Patch
https://git.kernel.org/stable/c/9f2ab98371c2f2488bf3bf3f9b2a73510545e9c1 Patch
https://git.kernel.org/stable/c/c6f58ff2d4c552927fe9a187774e668ebba6c7aa Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*
History

03 Nov 2025, 23:16

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html -

03 Nov 2025, 21:16

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html -

08 Nov 2024, 19:17

Type Values Removed Values Added
First Time Linux
Linux linux Kernel
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
CPE cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*
References () https://git.kernel.org/stable/c/033bc52f35868c2493a2d95c56ece7fc155d7cb3 - () https://git.kernel.org/stable/c/033bc52f35868c2493a2d95c56ece7fc155d7cb3 - Patch
References () https://git.kernel.org/stable/c/27524f65621f490184f2ace44cd8e5f3685af4a3 - () https://git.kernel.org/stable/c/27524f65621f490184f2ace44cd8e5f3685af4a3 - Patch
References () https://git.kernel.org/stable/c/412a30b1b28d6073ba29c46a2b0f324c5936293f - () https://git.kernel.org/stable/c/412a30b1b28d6073ba29c46a2b0f324c5936293f - Patch
References () https://git.kernel.org/stable/c/6ed469df0bfbef3e4b44fca954a781919db9f7ab - () https://git.kernel.org/stable/c/6ed469df0bfbef3e4b44fca954a781919db9f7ab - Patch
References () https://git.kernel.org/stable/c/743c78d455e784097011ea958b27396001181567 - () https://git.kernel.org/stable/c/743c78d455e784097011ea958b27396001181567 - Patch
References () https://git.kernel.org/stable/c/822203f6355f4b322d21e7115419f6b98284be25 - () https://git.kernel.org/stable/c/822203f6355f4b322d21e7115419f6b98284be25 - Patch
References () https://git.kernel.org/stable/c/9f2ab98371c2f2488bf3bf3f9b2a73510545e9c1 - () https://git.kernel.org/stable/c/9f2ab98371c2f2488bf3bf3f9b2a73510545e9c1 - Patch
References () https://git.kernel.org/stable/c/c6f58ff2d4c552927fe9a187774e668ebba6c7aa - () https://git.kernel.org/stable/c/c6f58ff2d4c552927fe9a187774e668ebba6c7aa - Patch
CWE NVD-CWE-noinfo

08 Nov 2024, 16:15

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/033bc52f35868c2493a2d95c56ece7fc155d7cb3 -
  • () https://git.kernel.org/stable/c/412a30b1b28d6073ba29c46a2b0f324c5936293f -
  • () https://git.kernel.org/stable/c/9f2ab98371c2f2488bf3bf3f9b2a73510545e9c1 -

06 Nov 2024, 18:17

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nilfs2: se corrige un error del kernel debido a la falta de limpieza del indicador de retraso del búfer Syzbot informó que después de que nilfs2 lee una imagen de sistema de archivos corrupta y se degrada a solo lectura, la comprobación BUG_ON para el indicador de retraso del búfer en submission_bh_wbc() puede fallar, lo que provoca un error del kernel. Esto se debe a que el indicador de retraso del búfer no se borra al borrar los indicadores de estado del búfer para descartar una página/folio o un encabezado de búfer. Por lo tanto, solucione esto. Esto se volvió necesario cuando se expandió el uso de la propia rutina de limpieza de páginas de nilfs2. Esta inconsistencia de estado no ocurre si el búfer se escribe normalmente mediante la escritura de registro.

05 Nov 2024, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-11-05 18:15

Updated : 2025-11-03 23:16

NVD link : CVE-2024-50116

Mitre link : CVE-2024-50116

CVE.ORG link : CVE-2024-50116

JSON object : View

Products Affected

linux

CWE
NVD-CWE-noinfo