Linux · Linux Kernel · CVE-2024-36964
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to the fs/9p component of the Linux kernel, where incorrect permissions in the `p9mode2perm()` function can be exploited, allowing an attacker to read and manipulate data. The vulnerability is caused by garbage in plain 9P2000's perm bits being allowed through, which can set the suid bit among others. This was presumably not the intent since the unix extended bits are handled explicitly and conditionally.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.