Linux · Linux Kernel · CVE-2024-57850
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 6.6.74
**Description**
The jffs2 rtime decompression routine does not fully check bounds during decompression. If the compressed data is corrupted, the routine can write outside the decompression buffer, resulting in memory corruption.
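The kind of bounds checking the description refers to, shown as an added example (this is not the kernel's jffs2 code): a simplified user-space decoder for a stream of (literal byte, repeat count) pairs, a format assumed here as a model of rtime. It validates the input and output bounds before every copy; the function name and sample streams are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample streams of (literal, repeat) pairs; not real jffs2 data. */
static const uint8_t SAMPLE_OK[]  = { 'a', 3, 'b', 0 };  /* decodes to "aaaab" */
static const uint8_t SAMPLE_BAD[] = { 'a', 200 };        /* repeat exceeds the buffer */

/* Decode into out[0..destlen). Returns 0 on success, -1 if the stream is
 * truncated or a repeat count would write past the end of the output buffer. */
int rtime_like_decompress(const uint8_t *in, size_t srclen,
                          uint8_t *out, size_t destlen)
{
    size_t positions[256] = {0};  /* offset just after the last literal of each value */
    size_t pos = 0, outpos = 0;

    while (outpos < destlen) {
        if (srclen - pos < 2)            /* input bound: need a whole pair */
            return -1;
        uint8_t value = in[pos++];
        size_t repeat = in[pos++];
        size_t back = positions[value];

        out[outpos++] = value;           /* in bounds: loop guard holds */
        positions[value] = outpos;

        if (repeat > destlen - outpos)   /* output bound, checked before copying */
            return -1;
        while (repeat--)                 /* byte-wise: the ranges may overlap */
            out[outpos++] = out[back++];
    }
    return 0;
}

int main(void)
{
    uint8_t buf[5];
    memset(buf, 0, sizeof buf);
    int rc = rtime_like_decompress(SAMPLE_OK, sizeof SAMPLE_OK, buf, sizeof buf);
    printf("valid stream: rc=%d out=%.5s\n", rc, (const char *)buf);
    rc = rtime_like_decompress(SAMPLE_BAD, sizeof SAMPLE_BAD, buf, sizeof buf);
    printf("corrupted stream: rc=%d\n", rc);
    return 0;
}
```

Without the `repeat > destlen - outpos` test, the second sample would copy 200 bytes into a 5-byte buffer, which is the out-of-bounds write the description warns about.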
**Recommendations**
Update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider restricting the use of the jffs2 file system until the update is applied.