CVE-2024-47689

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.58

Description A vulnerability in the Linux kernel has been resolved, specifically in the f2fs filesystem. The issue arises from the f2fs setting the SB RDONLY flag in an internal function rather than through the remount procedure, leading to a race condition. This bug can cause issues when handling critical errors in the filesystem, particularly when mounted with the errors=remount-ro option. The vulnerability is related to the f2fs handle critical error function and the SB RDONLY flag.

Recommendations To resolve the issue, update the Linux kernel to version 6.6.58 or later. As a temporary workaround, consider disabling the f2fs handle critical error function until a patch is available. Restrict access to the vulnerable f2fs filesystem to minimize the risk of exploitation. Avoid using the SB RDONLY flag in the affected filesystem until the issue is resolved.

Exploit

Fix

DoS

Improper Locking

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667CWE-362

Related Identifiers

AZL-50874

BDU:2025-03296

CVE-2024-47689

MGASA-2024-0344

MGASA-2024-0345

OESA-2024-2325

OPENSUSE-SU-2024:14500-1

OPENSUSE-SU-2025:14705-1

USN-7276-1

USN-7277-1

USN-7301-1

USN-7303-1

USN-7303-2

USN-7303-3

USN-7304-1

USN-7310-1

USN-7311-1

USN-7384-1

USN-7384-2

USN-7385-1

USN-7386-1

USN-7403-1

USN-7468-1

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Red Os

Ubuntu

CVE-2024-47689

Weakness Enumeration

Related Identifiers

Affected Products

References · 1549