CVE-2024-42306
udf: Avoid using corrupted block bitmap buffer
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
17 Aug 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
udf: Avoid using corrupted block bitmap buffer
When the filesystem block bitmap is corrupted, we detect the corruption
while loading the bitmap and fail the allocation with error. However the
next allocation from the same bitmap will notice the bitmap buffer is
already loaded and tries to allocate from the bitmap with mixed results
(depending on the exact nature of the bitmap corruption). Fix the
problem by using BH_verified bit to indicate whether the bitmap is valid
or not.
Affected products
Linux · LinuxReferences
https://cert-portal.siemens.com/productcert/html/ssa-265688.htmlhttps://git.kernel.org/stable/c/2199e157a465aaf98294d3932797ecd7fce942d5https://git.kernel.org/stable/c/271cab2ca00652bc984e269cf1208699a1e09cddhttps://git.kernel.org/stable/c/57053b3bcf3403b80db6f65aba284d7dfe7326afhttps://git.kernel.org/stable/c/6a43e3c210df6c5f00570f4be49a897677dbcb64https://git.kernel.org/stable/c/8ca170c39eca7cad6e0cfeb24e351d8f8eddcd65https://git.kernel.org/stable/c/a90d4471146de21745980cba51ce88e7926bcc4fhttps://git.kernel.org/stable/c/cae9e59cc41683408b70b9ab569f8654866ba914https://lists.debian.org/debian-lts-announce/2024/10/msg00003.htmlhttps://lists.debian.org/debian-lts-announce/2025/01/msg00001.html