PT-2024-32734 · Linux+10 · Linux Kernel+10

Published 2024-08-23 · Updated 2025-11-12

CVE-2024-47679

CVSS v3.1: 4.7 (Medium)

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.6.58

Description

The issue is a race condition between evict_inodes() and find_inode() and iput() in the Linux kernel's Virtual File System (VFS). It occurs when concurrent threads call iput() and generic_shutdown_super(), so that two threads may evict the same inode simultaneously. This can trigger a BUG statement within clear_inode() and iput(). The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Technical details about exploitation include:
  • API Endpoints: None specified.
  • Vulnerable Parameters or Variables: inode->i_count, I_FREEING, I_WILL_FREE, I_NEW.
  • Function Names: iput(), find_inode(), generic_shutdown_super(), clear_inode(), iget(), inode_add_lru(), evict_inodes().

Recommendations

To resolve the issue, update the Linux kernel to version 6.6.58 or later. As a temporary workaround, consider rechecking inode->i_count after holding i_lock to reduce the overhead of spin_lock(). Restrict access to the vulnerable btrfs_iget() function to minimize the risk of exploitation. Avoid using the inode variable in the affected API endpoints until the issue is resolved.

Exploit

Fix

Improper Locking

Race Condition

Weakness Enumeration

Related Identifiers

ALSA-2025:20518
ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALSA-2025_18281
ALSA-2025_19102
ALSA-2025_19103
ALSA-2025_19409
ALSA-2025_20518
ALT-PU-2024-14046
ALT-PU-2024-14268
ALT-PU-2024-14270
ALT-PU-2024-14503
ALT-PU-2024-15739
ALT-PU-2024-16172
AZL-50770
AZL-50900
BDU:2025-05135
CVE-2024-47679
DLA-4008-1
DLA-4075-1
INFSA-2025_20518
MGASA-2024-0344
MGASA-2024-0345
OESA-2024-2367
OESA-2024-2424
OESA-2024-2425
OESA-2024-2426
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2024_4315-1
OPENSUSE-SU-2024_4316-1
OPENSUSE-SU-2024_4376-1
OPENSUSE-SU-2025:14705-1
RHSA-2025:20518
RHSA-2025_20518
SUSE-SU-2024:4314-1
SUSE-SU-2024:4315-1
SUSE-SU-2024:4316-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4367-1
SUSE-SU-2024:4376-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:0035-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7166-1
USN-7166-2
USN-7166-3
USN-7166-4
USN-7186-1
USN-7186-2
USN-7194-1
USN-7276-1
USN-7277-1
USN-7293-1
USN-7294-1
USN-7294-2
USN-7294-3
USN-7294-4
USN-7295-1
USN-7301-1
USN-7303-1
USN-7303-2
USN-7303-3
USN-7304-1
USN-7310-1
USN-7311-1
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7393-1
USN-7401-1
USN-7403-1
USN-7413-1
USN-7468-1
USN-7539-1
USN-7540-1

Affected Products

ALT Linux
AlmaLinux
Astra Linux
Debian
Linux Mint
Linux Kernel
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu