CVE-2024-50006
- Source
- https://cve.org/CVERecord?id=CVE-2024-50006
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50006.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-50006
- Downstream
- Related
- Published
- 2024-10-21T18:53:59.938Z
- Modified
- 2026-03-11T07:46:03.131399Z
- Summary
- ext4: fix i_data_sem unlock order in ext4_ind_migrate()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix idatasem unlock order in ext4indmigrate()
Fuzzing reports a possible deadlock in jbd2logwait_commit.
This issue is triggered when an EXT4IOCMIGRATE ioctl is set to require synchronous updates because the file descriptor is opened with OSYNC. This can lead to the jbd2journalstop() function calling jbd2mightwaitforcommit(), potentially causing a deadlock if the EXT4IOC_MIGRATE call races with a write(2) system call.
This problem only arises when CONFIGPROVELOCKING is enabled. In this case, the jbd2mightwaitforcommit macro locks jbd2handle in the jbd2journalstop function while idatasem is locked. This triggers lockdep because the jbd2journalstart function might also lock the same jbd2handle simultaneously.
Found by Linux Verification Center (linuxtesting.org) with syzkaller.
Rule: add
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50006.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/3c46d6060d3e38de22196c1fe7706c5a3c696285
- https://git.kernel.org/stable/c/4192adefc9c570698821c5eb9873320eac2fcbf1
- https://git.kernel.org/stable/c/53b1999cfd2c7addf2e581a32865fe8835467b44
- https://git.kernel.org/stable/c/6252cb6bde7fc76cb8dcb49d1def7c326b190820
- https://git.kernel.org/stable/c/9fedf51ab8cf7b69bff08f37fe0989fec7f5d870
- https://git.kernel.org/stable/c/cc749e61c011c255d81b192a822db650c68b313f
- https://git.kernel.org/stable/c/d43776b907659affef1de888525847d64b244194
- https://git.kernel.org/stable/c/d58a00e981d3118b91d503da263e640b7cde6729
- https://git.kernel.org/stable/c/ef05572da0c0eb89614ed01cc17d3c882bdbd1ff
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50006.json
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
- https://nvd.nist.gov/vuln/detail/CVE-2024-50006
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede8238f9a8339b3578c85e4192a7a23bc2bdc0333Fixed4192adefc9c570698821c5eb9873320eac2fcbf1Fixed3c46d6060d3e38de22196c1fe7706c5a3c696285Fixed53b1999cfd2c7addf2e581a32865fe8835467b44Fixedef05572da0c0eb89614ed01cc17d3c882bdbd1ffFixed9fedf51ab8cf7b69bff08f37fe0989fec7f5d870Fixedd43776b907659affef1de888525847d64b244194Fixed6252cb6bde7fc76cb8dcb49d1def7c326b190820Fixedd58a00e981d3118b91d503da263e640b7cde6729Fixedcc749e61c011c255d81b192a822db650c68b313f