CVE-2024-57952

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The current directory offset allocator stores the next offset value to return in octx->next offset. This mechanism typically returns values that increase monotonically over time. Eventually, though, the newly allocated offset value wraps back to a low number, which is smaller than other already-allocated offset values. After a specific commit, if a directory's offset allocator wraps, existing entries are no longer visible via readdir/getdents because offset readdir() stops listing entries once an entry's offset is larger than octx->next offset. These entries vanish persistently and can be looked up, but will never again appear in readdir(3) output. The reason for this is that the commit treats directory offsets as monotonically increasing integer values rather than opaque cookies. On 64-bit platforms, the directory offset value upper bound is 2^63 - 1, while on 32-bit platforms, LONG MAX is 2^31 - 1, and the allocator can wrap after only a few weeks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.