CVE-2024-36947
qibfs: fix dentry leak
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5.3EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
30 mai 2024Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In the Linux kernel, the following vulnerability has been resolved:
qibfs: fix dentry leak
simple_recursive_removal() drops the pinning references to all positives
in subtree. For the cases when its argument has been kept alive by
the pinning alone that's exactly the right thing to do, but here
the argument comes from dcache lookup, that needs to be balanced by
explicit dput().
Fucked-up-by: Al Viro <viro@zeniv.linux.org.uk>
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Produtos afetados
Linux · LinuxQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://git.kernel.org/stable/c/02ee394a5d899d9bd2f0759382e9481cab6166f8https://git.kernel.org/stable/c/24dd9b08df718f20ccf2dd1519909fefd8c233eehttps://git.kernel.org/stable/c/aa23317d0268b309bb3f0801ddd0d61813ff5afbhttps://git.kernel.org/stable/c/bd8f78c71defbcb7a9ed331e7f287507df972b00https://git.kernel.org/stable/c/db71ca93259dd1078bcfea3afafde2143cfc2da7