CVE-2024-46780

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-46780
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-46780.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-46780
Downstream
Related
Published
2024-09-18T07:12:36.736Z
Modified
2026-05-15T11:53:45.801158711Z
Summary
nilfs2: protect references to superblock parameters exposed in sysfs
Details

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: protect references to superblock parameters exposed in sysfs

The superblock buffers of nilfs2 can not only be overwritten at runtime for modifications/repairs, but they are also regularly swapped, replaced during resizing, and even abandoned when degrading to one side due to backing device issues. So, accessing them requires mutual exclusion using the reader/writer semaphore "nilfs->ns_sem".

Some sysfs attribute show methods read this superblock buffer without the necessary mutual exclusion, which can cause problems with pointer dereferencing and memory access, so fix it.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/46xxx/CVE-2024-46780.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.17.0
Fixed
4.19.322
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.284
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.226
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.167
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.110
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.51
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.10.10

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-46780.json"