CVE-2024-49960
- Source
- https://cve.org/CVERecord?id=CVE-2024-49960
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-49960.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-49960
- Downstream
- Related
- Published
- 2024-10-21T18:02:13.119Z
- Modified
- 2026-03-20T12:38:12.038523Z
- Summary
- ext4: fix timer use-after-free on failed mount
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix timer use-after-free on failed mount
Syzbot has found an ODEBUG bug in ext4fillsuper
The deltimersync function cancels the serrreport timer, which reminds about filesystem errors daily. We should guarantee the timer is no longer active before kfree(sbi).
When filesystem mounting fails, the flow goes to failedmount3, where an error occurs when ext4stopmmpd is called, causing a read I/O failure. This triggers the ext4handleerror function that ultimately re-arms the timer, leaving the serr_report timer active before kfree(sbi) is called.
Fix the issue by canceling the serrreport timer after calling ext4stopmmpd.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/49xxx/CVE-2024-49960.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/0ce160c5bdb67081a62293028dc85758a8efb22a
- https://git.kernel.org/stable/c/22e9b83f0f33bc5a7a3181769d1dccbf021f5b04
- https://git.kernel.org/stable/c/7aac0c17a8cdf4a3236991c1e60435c6a984076c
- https://git.kernel.org/stable/c/9203817ba46ebba7c865c8de2aba399537b6e891
- https://git.kernel.org/stable/c/b85569585d0154d4db1e4f9e3e6a4731d407feb0
- https://git.kernel.org/stable/c/cf3196e5e2f36cd80dab91ffae402e13935724bc
- https://git.kernel.org/stable/c/fa78fb51d396f4f2f80f8e96a3b1516f394258be
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/49xxx/CVE-2024-49960.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-49960
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced5e4f5138bd8522ebe231a137682d3857209a2c07Fixed7aac0c17a8cdf4a3236991c1e60435c6a984076c
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced618f003199c6188e01472b03cdbba227f1dc5f24Fixed22e9b83f0f33bc5a7a3181769d1dccbf021f5b04Fixedcf3196e5e2f36cd80dab91ffae402e13935724bcFixed9203817ba46ebba7c865c8de2aba399537b6e891Fixedfa78fb51d396f4f2f80f8e96a3b1516f394258beFixedb85569585d0154d4db1e4f9e3e6a4731d407feb0Fixed0ce160c5bdb67081a62293028dc85758a8efb22a
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedcecfdb9cf9a700d1037066173abac0617f6788dfLast affectedeb7b40d9d3785f7a131fb0b1f89bb6efa46c1833