PT-2024-6600 · Linux+6 · Linux Kernel+6

Published

2024-05-09

Updated

2026-03-14

CVE-2024-42160

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue is related to the lack of validation of fault attributes in the f2fs build fault attr() function in the Linux kernel's f2fs module. This could potentially allow an attacker to impact the confidentiality, integrity, and availability of protected information. The problem was caused by missing validation of fault attributes in the parse options() function. To fix this, a check condition has been added to f2fs build fault attr(). Additionally, f2fs build fault attr() is used in sbi store() to clean up the code.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Check for Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-754

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-10855

ALT-PU-2024-11524

ALT-PU-2024-13979

ALT-PU-2024-14046

AZL-47373

BDU:2024-07747

CVE-2024-42160

DLA-4008-1

MGASA-2024-0277

MGASA-2024-0278

OESA-2024-1961

OESA-2024-1962

OESA-2024-1964

OESA-2024-1996

OESA-2024-2076

USN-7020-1

USN-7020-2

USN-7020-3

USN-7020-4

USN-7021-1

USN-7021-2

USN-7021-3

USN-7021-4

USN-7021-5

USN-7022-1

USN-7022-2

USN-7022-3

USN-7028-1

USN-7028-2

USN-7029-1

USN-7119-1

USN-7156-1

Affected Products

Alt Linux

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Os

Ubuntu

PT-2024-6600 · Linux+6 · Linux Kernel+6

CVE-2024-42160

Weakness Enumeration

Related Identifiers

Affected Products

References · 1171