PT-2025-3620 · Linux+4 · Linux Kernel+4

David Disseldorp · Published 2024-12-06 · Updated 2026-05-26 · CVE-2024-57895

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.6.74

Description

The issue arises from ksmbd attempting to set atime and mtime via notify_change without also setting ctime, resulting in a warning. This warning is triggered by the setattr copy function. The vulnerability is resolved by adding ATTR_CTIME flags when setting mtime.

Recommendations

To resolve the issue, update the Linux kernel to version 6.6.74 or later. As a temporary workaround, consider disabling the setattr copy function until a patch is available. Restrict access to the ksmbd module to minimize the risk of exploitation. Avoid using the notify_change function in the affected API endpoint until the issue is resolved.

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2025-12647
ALT-PU-2025-1925
ALT-PU-2025-3483
ALT-PU-2025-3507
AZL-55823
AZL-55881
BDU:2025-03496
CVE-2024-57895
ECHO-E941-C6AF-260A
MGASA-2025-0030
MGASA-2025-0032
USN-7379-1
USN-7379-2
USN-7380-1
USN-7381-1
USN-7382-1
USN-7513-1
USN-7513-2
USN-7513-3
USN-7513-4
USN-7513-5
USN-7514-1
USN-7515-1
USN-7515-2
USN-7522-1
USN-7523-1
USN-7524-1

Affected Products

Alt Linux
Debian
Linuxmint
Linux Kernel
Ubuntu