CVE-2024-47701

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.58

Description The issue is related to an out-of-bounds access in the ext4 filesystem when system.data xattr changes underneath the filesystem. This can lead to a use-after-free error detected by KASAN. The problem occurs when looking up an entry in an inlined directory and the e value offs is changed underneath the filesystem by some change in the block device. Calling ext4 xattr ibody find right after reading the inode with ext4 get inode loc can help avoid this problem. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations To resolve the issue, upgrade the Linux kernel to version 6.6.58 or later. As a temporary workaround, consider calling ext4 xattr ibody find right after reading the inode with ext4 get inode loc to check the validity of the xattrs and avoid the out-of-bounds access. Restrict access to the vulnerable ext4 search dir function until a patch is available. Avoid using the e value offs variable in the affected ext4 filesystem until the issue is resolved.