CVE-2024-39469

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-39469
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-39469.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-39469
Downstream
Related
Published
2024-06-25T14:28:55.581Z
Modified
2026-05-15T11:54:47.003728793Z
Summary
nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors
Details

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix nilfsemptydir() misjudgment and long loop on I/O errors

The error handling in nilfsemptydir() when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot be read or nilfscheckfolio() fails, it will falsely determine the directory as empty and corrupt the file system.

In addition, since nilfsemptydir() does not immediately return on a failed folio/page read, but continues to loop, this can cause a long loop with I/O if i_size of the directory's inode is also corrupted, causing the log writer thread to wait and hang, as reported by syzbot.

Fix these issues by making nilfsemptydir() immediately return a false value (0) if it fails to get a directory folio/page.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/39xxx/CVE-2024-39469.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.30
Fixed
4.19.317
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.279
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.221
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.162
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.95
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.35
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.9.5

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-39469.json"