PT-2024-32196 · Linux+6 · Linux Kernel+6

Ryusuke Konishi

·

Published

2024-09-01

·

Updated

2025-09-29

·

CVE-2024-46780

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.52
Description The issue concerns the nilfs2 file system in the Linux kernel, where the superblock buffers can be overwritten, swapped, or abandoned due to various operations. Accessing these buffers requires mutual exclusion using the nilfs->ns sem reader/writer semaphore. However, some sysfs attribute show methods read the superblock buffer without this necessary mutual exclusion, leading to potential problems with pointer dereferencing and memory access.
Recommendations To resolve the issue, update the Linux kernel to version 6.6.52 or later. As a temporary workaround, consider restricting access to the sysfs attributes that read the superblock buffer without mutual exclusion, until a patch is available.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-12535
BDU:2025-01663
CVE-2024-46780
DLA-3912-1
DLA-4008-1
DSA-5782-1
MGASA-2024-0316
MGASA-2024-0318
OESA-2024-2216
OESA-2024-2217
OESA-2024-2218
OESA-2024-2219
OESA-2024-2220
OPENSUSE-SU-2024_3551-1
OPENSUSE-SU-2024_3561-1
OPENSUSE-SU-2024_3564-1
OPENSUSE-SU-2024_3587-1
OPENSUSE-SU-2024_3592-1
SUSE-SU-2024:3551-1
SUSE-SU-2024:3553-1
SUSE-SU-2024:3561-1
SUSE-SU-2024:3564-1
SUSE-SU-2024:3569-1
SUSE-SU-2024:3587-1
SUSE-SU-2024:3592-1
SUSE-SU-2025:20073-1
SUSE-SU-2025:20077-1
USN-7088-1
USN-7088-2
USN-7088-3
USN-7088-4
USN-7088-5
USN-7100-1
USN-7100-2
USN-7119-1
USN-7123-1
USN-7144-1
USN-7154-1
USN-7154-2
USN-7155-1
USN-7156-1
USN-7194-1
USN-7196-1
USN-7496-1
USN-7496-2
USN-7496-3
USN-7496-4
USN-7496-5
USN-7506-1
USN-7506-2
USN-7506-3
USN-7506-4

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu