PT-2024-35617 · Linux+7 · Linux Kernel+7
Waqar Hameed · Published 2024-11-14 · Updated 2025-11-17
CVE-2024-53171
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A use-after-free issue has been identified in the Linux kernel, specifically in the ubifs_tnc_end_commit function. It can be triggered by inserting a new node into the TNC tree, which causes the tree to split and a node's znode->parent to change. If other nodes in the tree are then deleted, the znode->cparent of the affected node may still point to a freed node, leading to a use-after-free when znode->cparent is accessed in write_index(). This can be exploited by running a specific sequence of commands, including rm -f /etc/test-file.bin and dd if=/dev/urandom of=/etc/test-file.bin bs=1M count=60 conv=fsync, in a loop, with CONFIG_UBIFS_FS_AUTHENTICATION enabled. The issue can be fixed by explicitly setting znode->cparent to NULL in get_znodes_to_commit() for the root node.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Use After Free
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu