PT-2024-7846 · Linux+4 · Linux Kernel+4

Published: 2024-03-26 · Updated: 2024-11-01 · CVE-2024-27058

CVSS v3.1: 4.7 (Medium)

Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The issue is a race condition in the tmpfs component of the Linux kernel. A syzkaller reproducer found a race while attempting to remove dquot information from the rb tree. The shmem_release_dquot() function may trigger a warning because it could not find a node in the tree, when the real reason was that the root node changed before the search started. This occurs because the rb tree root node is insufficiently protected by dqopt->dqio_sem. The vulnerability can be exploited by an attacker to elevate privileges in the system.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
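
The stale-root failure in the description can be reproduced deterministically with a small model. This is an added example, not kernel code: a plain binary search tree stands in for the quota rb tree, the semaphore is modeled as a comment, and all names (`lookup`, `rotate_left_at_root`, `find_from`) are hypothetical.

```c
#include <stdio.h>
#include <stddef.h>

/* Constructed model: a plain BST stands in for the quota rb tree. */
struct node { int id; struct node *left, *right; };
struct tree { struct node *root; };

/* Left rotation at the root, as rebalancing after a concurrent insert can do. */
static void rotate_left_at_root(struct tree *t)
{
    struct node *old = t->root, *pivot = old->right;
    old->right = pivot->left;
    pivot->left = old;
    t->root = pivot;
}

static int find_from(const struct node *n, int id)
{
    while (n && n->id != id)
        n = id < n->id ? n->left : n->right;
    return n != NULL;
}

/* racy=1: root sampled before the (modeled) lock; racy=0: sampled under it.
 * writer=1: another lock holder rotates the tree inside that window. */
int lookup(int racy, int writer, int id)
{
    struct node n[5] = { {10, &n[1], &n[2]}, {5, NULL, NULL},
                         {20, &n[3], &n[4]}, {15, NULL, NULL}, {30, NULL, NULL} };
    struct tree t = { &n[0] };
    const struct node *start = t.root;   /* unlocked snapshot */

    if (writer)
        rotate_left_at_root(&t);         /* root is now node 20 */
    /* -- lock would be acquired here -- */
    if (!racy)
        start = t.root;                  /* root read under the lock */
    return find_from(start, id);
}

int main(void)
{
    printf("racy, writer ran:  found=%d\n", lookup(1, 1, 30));
    printf("fixed, writer ran: found=%d\n", lookup(0, 1, 30));
    return 0;
}
```

In the racy case the search starts at the old root, which is now an interior node, so an entry that is still in the tree is reported as missing.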

Exploit

Race Condition


Weakness Enumeration

Related Identifiers

AZL-40322
BDU:2024-09347
CVE-2024-27058
USN-6816-1
USN-6817-1
USN-6817-2
USN-6817-3
USN-6878-1

Affected Products

Astra Linux
Linux Mint
Linux Kernel
RED OS
Ubuntu