PT-2024-29853 · Linux+6 · Linux Kernel+6

Syzbot

·

Published

2024-07-10

·

Updated

2025-09-29

·

CVE-2024-42304

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50
Description The issue is related to the ext4 component of the Linux kernel, where a directory can be constructed without a dirblock but is non-inline, resulting in the first directory block being a hole. This can cause code that relies on dot or dotdot (such as make indexed dir()) to crash when it encounters a directory block without '.' and '..' but with a valid dentry. The vulnerability is resolved by reporting the filesystem as corrupted and returning an error when the first directory block is a hole, thus avoiding the loading of corrupted data from disk.
Recommendations Update to Linux kernel version 6.6.50 or later to resolve the issue. As a temporary workaround, consider restricting access to directories that may be affected by this vulnerability until the update can be applied.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-388

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
BDU:2025-01424
CVE-2024-42304
DLA-3912-1
DLA-4008-1
INFSA-2025_6966
MGASA-2024-0309
MGASA-2024-0310
OESA-2024-2028
OESA-2024-2029
OESA-2024-2030
OESA-2024-2031
OESA-2025-1078
OPENSUSE-SU-2024_3551-1
OPENSUSE-SU-2024_3561-1
OPENSUSE-SU-2024_3564-1
OPENSUSE-SU-2024_3587-1
OPENSUSE-SU-2024_3592-1
RHSA-2025:6966
RHSA-2025_6966
SUSE-SU-2024:3551-1
SUSE-SU-2024:3561-1
SUSE-SU-2024:3564-1
SUSE-SU-2024:3569-1
SUSE-SU-2024:3587-1
SUSE-SU-2024:3592-1
SUSE-SU-2025:20073-1
SUSE-SU-2025:20077-1
USN-7088-1
USN-7088-2
USN-7088-3
USN-7088-4
USN-7088-5
USN-7100-1
USN-7100-2
USN-7119-1
USN-7123-1
USN-7144-1
USN-7154-1
USN-7154-2
USN-7155-1
USN-7156-1
USN-7194-1
USN-7196-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu