PT-2024-10405 · Linux+5 · Linux Kernel+5

Ryusuke Konishi

·

Published

2024-05-30

·

Updated

2025-02-03

·

CVE-2024-37078

CVSS v3.1

7.1

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the nilfs2 file system in the Linux kernel. Destructive writes to a block device on which nilfs2 is mounted can cause a kernel bug in the folio/page writeback start routine or writeback end routine. This is because the log writer starts a writeback for segment summary blocks or a super root block that use the backing device's page cache without waiting for the ongoing folio/page writeback, resulting in an inconsistent writeback state. The fix involves waiting for ongoing writebacks when putting folios/pages on the backing device into writeback state.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-667CWE-99

Related Identifiers

BDU:2025-00933
CVE-2024-37078
DLA-4008-1
DSA-5730-1
DSA-5731-1
MGASA-2024-0263
MGASA-2024-0266
OESA-2024-1941
OESA-2024-1942
OESA-2024-1944
OESA-2024-2107
OESA-2024-2124
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
SUSE-SU-2024:2372-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2571-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6999-1
USN-6999-2
USN-7003-1
USN-7003-2
USN-7003-3
USN-7003-4
USN-7003-5
USN-7004-1
USN-7005-1
USN-7005-2
USN-7006-1
USN-7007-1
USN-7007-2
USN-7007-3
USN-7008-1
USN-7009-1
USN-7009-2
USN-7019-1
USN-7029-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu