CVE-2024-57924

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to v6.6

Description The issue is related to the encoding of file handles in the Linux kernel. The encode fh() method may fail for various reasons, and some users of exportfs encode {fh,fid}() have a WARN ON() assertion when this failure occurs. However, this assertion is incorrect and has been relaxed. The legacy users of exportfs encode fh(), such as nfsd and the name to handle at(2) syscall, are prepared to handle the possibility of failure to encode a file handle.

Recommendations For Linux kernel versions prior to v6.6, apply the patch that relaxes the assertions on failure to encode file handles. As a temporary workaround, consider disabling the exportfs encode {fh,fid}() functions until the patch is applied. Restrict access to the vulnerable encode fh() method to minimize the risk of exploitation. Avoid using the encode fh() method in sensitive operations until the issue is resolved.