CVE-2024-42305

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50

Description The issue is related to the ext4 file system in the Linux kernel. It occurs when the do split function is called with only one valid dentry for the block to be split, resulting in out-of-bounds accesses to the map. This happens because the make indexed dir function assumes that the first two entries of the dirblock must be dot and dotdot. The problem is triggered when renaming a dentry increases its name length by 1, and neither the hole nor the free space is sufficient to hold the new dentry. To fix this, the ext4 check dx root helper function is added to perform more sanity checks on dot and dotdot before starting the conversion.

Recommendations To resolve the issue, update the Linux kernel to version 6.6.50 or later.

Note: The provided information does not specify any additional recommendations or workarounds for this vulnerability.