PT-2023-8448 · Linux+5 · Linux Kernel+5

Rohit Keshri

·

Publicado

2023-05-06

·

Atualizado

2026-02-18

·

CVE-2024-0775

CVSS v3.1

7.1

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A use-after-free flaw was found in the ext4 remount() function in the Linux kernel, specifically in fs/ext4/super.c in ext4. This issue is related to the handling of old quota file names with the CONFIG QUOTA configuration. The flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free. This could impact the confidentiality, integrity, and availability of protected information.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALT-PU-2024-14046
ALT-PU-2024-6818
AZL-33968
BDU:2024-00776
CVE-2024-0775
OPENSUSE-SU-2024:14314-1
OPENSUSE-SU-2024_0469-1
OPENSUSE-SU-2024_0515-1
SUSE-SU-2024:0463-1
SUSE-SU-2024:0468-1
SUSE-SU-2024:0469-1
SUSE-SU-2024:0474-1
SUSE-SU-2024:0476-1
SUSE-SU-2024:0478-1
SUSE-SU-2024:0483-1
SUSE-SU-2024:0484-1
SUSE-SU-2024:0514-1
SUSE-SU-2024:0515-1
SUSE-SU-2024:0516-1
SUSE-SU-2024:1358-1
SUSE-SU-2024:1491-1
SUSE-SU-2024:1493-1
SUSE-SU-2024:1505-1
SUSE-SU-2024:1506-1
SUSE-SU-2024:1537-1
SUSE-SU-2024:1545-1
SUSE-SU-2024:1551-1
SUSE-SU-2024:1554-1
SUSE-SU-2024:1558-1
SUSE-SU-2024:1562-1
SUSE-SU-2024:1580-1
SUSE-SU-2024:1581-1
SUSE-SU-2024:1582-1
SUSE-SU-2024:1596-1
USN-6700-1
USN-6700-2
USN-6701-1
USN-6701-2
USN-6701-3
USN-6701-4

Produtos afetados

Alt Linux
Astra Linux
Linux Kernel
Red Os
Suse
Ubuntu