CVE-2024-47733

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-47733
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47733.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-47733
Downstream
Related
Published
2024-10-21T12:14:04Z
Modified
2025-10-17T13:11:34.643612Z
Summary
netfs: Delete subtree of 'fs/netfs' when netfs module exits
Details

In the Linux kernel, the following vulnerability has been resolved:

netfs: Delete subtree of 'fs/netfs' when netfs module exits

In netfsinit() or fscacheprocinit(), we create dentry under 'fs/netfs', but in netfsexit(), we only delete the proc entry of 'fs/netfs' without deleting its subtree. This triggers the following WARNING:

================================================================== removeprocentry: removing non-empty directory 'fs/netfs', leaking at least 'requests' WARNING: CPU: 4 PID: 566 at fs/proc/generic.c:717 removeprocentry+0x160/0x1c0 Modules linked in: netfs(-) CPU: 4 UID: 0 PID: 566 Comm: rmmod Not tainted 6.11.0-rc3 #860 RIP: 0010:removeprocentry+0x160/0x1c0 Call Trace: <TASK> netfsexit+0x12/0x620 [netfs] _dosysdeletemodule.isra.0+0x14c/0x2e0 dosyscall_64+0x4b/0x110

entrySYSCALL64afterhwframe+0x76/0x7e

Therefore use removeprocsubtree() instead of removeprocentry() to fix the above problem.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
7eb5b3e3a0a55f2d166ca949ef47ca6e0c704aab
Fixed
603f95cefbee06a31b03137b777f03e3c2163d72
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
7eb5b3e3a0a55f2d166ca949ef47ca6e0c704aab
Fixed
7a9eaf97d56625e55b31a7beb558e1ee185ca461
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
7eb5b3e3a0a55f2d166ca949ef47ca6e0c704aab
Fixed
3c58a9575e02c2b90a3180007d57105ceaa7c246

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.10.1
v6.10.10
v6.10.11
v6.10.12
v6.10.2
v6.10.3
v6.10.4
v6.10.5
v6.10.6
v6.10.7
v6.10.8
v6.10.9
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

vanir_signatures

[
    {
        "id": "CVE-2024-47733-15ba4f08",
        "signature_type": "Line",
        "signature_version": "v1",
        "target": {
            "file": "fs/netfs/main.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7a9eaf97d56625e55b31a7beb558e1ee185ca461",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "78226701140701132678497629426316526544",
                "336808625742975489402931439094272433754",
                "210388273941558480492194827893731357947",
                "254546770613265778056412832765042402091",
                "98751401481271612703565103350239582952",
                "205996367563557999722022957560644155328",
                "303219264396742309783979536195195211481",
                "152116868928645336687517883016601990016"
            ],
            "threshold": 0.9
        }
    },
    {
        "id": "CVE-2024-47733-2efe3ef7",
        "signature_type": "Line",
        "signature_version": "v1",
        "target": {
            "file": "fs/netfs/main.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3c58a9575e02c2b90a3180007d57105ceaa7c246",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "78226701140701132678497629426316526544",
                "336808625742975489402931439094272433754",
                "210388273941558480492194827893731357947",
                "254546770613265778056412832765042402091",
                "98751401481271612703565103350239582952",
                "205996367563557999722022957560644155328",
                "303219264396742309783979536195195211481",
                "152116868928645336687517883016601990016"
            ],
            "threshold": 0.9
        }
    },
    {
        "id": "CVE-2024-47733-87062f13",
        "signature_type": "Line",
        "signature_version": "v1",
        "target": {
            "file": "fs/netfs/main.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@603f95cefbee06a31b03137b777f03e3c2163d72",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "78226701140701132678497629426316526544",
                "336808625742975489402931439094272433754",
                "210388273941558480492194827893731357947",
                "254546770613265778056412832765042402091",
                "98751401481271612703565103350239582952",
                "205996367563557999722022957560644155328",
                "303219264396742309783979536195195211481",
                "152116868928645336687517883016601990016"
            ],
            "threshold": 0.9
        }
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.10.13
Type
ECOSYSTEM
Events
Introduced
6.11.0
Fixed
6.11.2