PT-2024-30689 · Linux+7 · Linux Kernel+7
Zhang Yi
·
Published
2024-06-27
·
Updated
2025-09-29
·
CVE-2024-43828
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.50
Description
The issue occurs due to an uninitialized
extent status struct when doing fast commit replay, causing an infinite loop. The ext4 ext determine insert hole() function does not detect the replay and calls ext4 es find extent range(), which returns immediately without initializing the es variable. As a result, es contains garbage, leading to a potential integer overflow and infinite loop in the function. This can be easily reproduced using fstest generic/039. The problem is fixed by unconditionally initializing the structure in the ext4 es find extent range() function.Recommendations
Update to Linux kernel version 6.6.50 or later to resolve the issue. As a temporary workaround, consider restricting access to the
ext4 es find extent range() function until a patch is available.Exploit
Fix
Use of Uninitialized Resource
Infinite Loop
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu