CVE-2024-50218

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-50218
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50218.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-50218
Published
2024-11-09T10:14:29.708Z
Modified
2025-11-27T19:34:03.040217Z
Summary
ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow
Details

In the Linux kernel, the following vulnerability has been resolved:

ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow

Syzbot reported a kernel BUG in ocfs2_truncate_inline. There are two reasons for this: first, the parameter value passed is greater than ocfs2_max_inline_data_with_xattr, second, the start and end parameters of ocfs2_truncate_inline are "unsigned int".

So, we need to add a sanity check for byte_start and byte_len right before ocfs2_truncate_inline() in ocfs2_remove_inode_range(), if they are greater than ocfs2_max_inline_data_with_xattr return -EINVAL.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/ee626f5d79d5817bb21d6f048dc0da4c4e383443/cves/2024/50xxx/CVE-2024-50218.json"
}

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1afc32b952335f665327a1a9001ba1b44bb76fd9
Fixed
27d95867bee806cdc448d122bd99f1d8b0544035
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1afc32b952335f665327a1a9001ba1b44bb76fd9
Fixed
95fbed8ae8c32c0977e6be1721c190d8fea23f2f
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1afc32b952335f665327a1a9001ba1b44bb76fd9
Fixed
70767689ec6ee5f05fb0a2c17d7ec1927946e486
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1afc32b952335f665327a1a9001ba1b44bb76fd9
Fixed
ecd62f684386fa64f9c0cea92eea361f4e6444c2
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1afc32b952335f665327a1a9001ba1b44bb76fd9
Fixed
2fe5d62e122b040ce7fc4d31aa7fa96ae328cefc
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1afc32b952335f665327a1a9001ba1b44bb76fd9
Fixed
88f97a4b5843ce21c1286e082c02a5fb4d8eb473
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1afc32b952335f665327a1a9001ba1b44bb76fd9
Fixed
0b6b8c2055784261de3fb641c5d0d63964318e8f
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1afc32b952335f665327a1a9001ba1b44bb76fd9
Fixed
bc0a2f3a73fcdac651fca64df39306d1e5ebe3b0

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.24
Fixed
4.19.323
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.285
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.229
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.171
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.116
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.60
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.11.7