CVE-2024-49959

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58

Description: A vulnerability in the Linux kernel has been resolved, related to the jbd2 module. The issue occurs when the jbd2 cleanup journal tail() function returns an error, causing the kernel to continue waiting for free space instead of stopping immediately. This can lead to warnings and errors, such as "JBD2: I/O error when updating journal superblock" and "no way to get more journal space." The vulnerability is related to the jbd2 log wait for space() function and the j committing transaction variable.

Recommendations: To resolve the issue, update to Linux kernel version 6.6.58 or later. As a temporary workaround, consider disabling the jbd2 cleanup journal tail() function until a patch is available. However, this is not recommended as it may cause other issues. The best course of action is to update to the latest kernel version.

Note: The provided information does not mention the estimated number of potentially affected devices or real-world incidents where this issue was exploited. Therefore, this information is not included in the description.