PT-2024-29160 · Linux+5 · Linux Kernel+5

Published

2024-04-08

·

Updated

2025-03-13

·

CVE-2024-40943

CVSS v3.1

4.7

Medium

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a race condition between hole punching and AIO+DIO in the ocfs2 filesystem. When ocfs2 dio wr get block is called to add unwritten extents to a list and another thread calls fallocate to punch a hole at one of the unwritten extents, the extent at cpos can be removed by ocfs2 remove extent(). This leads to an error when ocfs2 search extent list is called, as it cannot find the extent at cpos. The file system becomes read-only, and on-disk corruption is discovered. To fix this, the code has been modified to wait for all dio before fallocate/punch hole, similar to ext4.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Race Condition

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-667

Related Identifiers

BDU:2025-03430
CVE-2024-40943
DLA-4008-1
DSA-5730-1
DSA-5731-1
OESA-2024-1894
OESA-2024-1895
OESA-2024-1896
OESA-2024-1897
OPENSUSE-SU-2024_2947-1
SUSE-SU-2024:2892-1
SUSE-SU-2024:2894-1
SUSE-SU-2024:2901-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2940-1
SUSE-SU-2024:2947-1
SUSE-SU-2024:3194-1
SUSE-SU-2024:3195-1
SUSE-SU-2024:3383-1
SUSE-SU-2025:20044-1
SUSE-SU-2025:20047-1
USN-6999-1
USN-6999-2
USN-7003-1
USN-7003-2
USN-7003-3
USN-7003-4
USN-7003-5
USN-7004-1
USN-7005-1
USN-7005-2
USN-7006-1
USN-7007-1
USN-7007-2
USN-7007-3
USN-7008-1
USN-7009-1
USN-7009-2
USN-7019-1
USN-7029-1
USN-7332-1
USN-7332-2
USN-7332-3
USN-7342-1
USN-7344-1
USN-7344-2

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu