PT-2024-5420 · Linux+11 · Linux Kernel+11
Sam Sun
·
Published
2024-05-03
·
Updated
2026-03-14
·
CVE-2024-39472
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is related to the
xlog do recovery pass() function in the fs/xfs/xfs log recover.c module of the Linux kernel's xfs file system. It involves an out-of-bounds access due to incorrect handling of the h size value, which can be exploited to impact the availability of protected information. The problem arises from a fixup for incorrect h size values used in old xfsprogs versions, which was later cleaned up but stopped using the fixed h size value for sizing the log recovery buffer. This can lead to out-of-bounds access when the incorrect h size does not come from the old mkfs tool but from a fuzzer. The fix involves open coding xlog logrec hblks and taking the fixed h size into account for this calculation.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Out of bounds Read
Allocation of Resources Without Limits
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu