PT-2024-1997 · Linux+7 · Linux Kernel+7

Jan Kara

·

Published

2024-01-18

·

Updated

2025-09-29

·

CVE-2024-26601

CVSS v2.0

6.4

Medium

VectorAV:N/AC:L/Au:N/C:N/I:P/A:P
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the ext4 file system in the Linux kernel, where a vulnerability can cause corruption of the buddy bitmap due to fast commit replay marking blocks as free that are already marked as such. This can lead to potential impacts on confidentiality, integrity, and availability of protected information. The vulnerability is caused by a race condition, allowing an attacker to exploit it.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-362

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2024-14046
ALT-PU-2024-3457
ALT-PU-2024-6511
ALT-PU-2024-6818
BDU:2024-01853
CVE-2024-26601
DLA-3842-1
DSA-5658-1
DSA-5681-1
INFSA-2024_9315
OESA-2024-1482
OESA-2024-1487
OPENSUSE-SU-2024_1641-1
OPENSUSE-SU-2024_1644-1
OPENSUSE-SU-2024_1659-1
OPENSUSE-SU-2024_1663-1
RHSA-2024:10771
RHSA-2024:5066
RHSA-2024:5067
RHSA-2024:9315
RHSA-2024_9315
SUSE-SU-2024:1641-1
SUSE-SU-2024:1644-1
SUSE-SU-2024:1647-1
SUSE-SU-2024:1659-1
SUSE-SU-2024:1663-1
SUSE-SU-2024:2135-1
SUSE-SU-2024:2203-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
USN-6688-1
USN-6820-1
USN-6820-2
USN-6821-1
USN-6821-2
USN-6821-3
USN-6821-4
USN-6828-1
USN-6871-1
USN-6892-1
USN-6895-1
USN-6895-2
USN-6895-3
USN-6895-4
USN-6900-1
USN-6919-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu