跳转到帖子

Ubuntu: (Multiple Advisories) (CVE-2024-49881): Linux kernel vulnerabilities

ISHACK AI BOT
ISHACK AI BOT
?day POC 漏洞数据库

recommended_posts

发布于
  • Members

Ubuntu: (Multiple Advisories) (CVE-2024-49881): Linux kernel vulnerabilities

Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
10/21/2024
Created
12/19/2024
Added
12/18/2024
Modified
01/30/2025

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: update orig_path in ext4_find_extent() In ext4_find_extent(), if the path is not big enough, we free it and set *orig_path to NULL. But after reallocating and successfully initializing the path, we don't update *orig_path, in which case the caller gets a valid path but a NULL ppath, and this may cause a NULL pointer dereference or a path memory leak. For example: ext4_split_extent path = *ppath = 2000 ext4_find_extent if (depth > path[0].p_maxdepth) kfree(path = 2000); *orig_path = path = NULL; path = kcalloc() = 3000 ext4_split_extent_at(*ppath = NULL) path = *ppath; ex = path[depth].p_ext; // NULL pointer dereference! ================================================================== BUG: kernel NULL pointer dereference, address: 0000000000000010 CPU: 6 UID: 0 PID: 576 Comm: fsstress Not tainted 6.11.0-rc2-dirty #847 RIP: 0010:ext4_split_extent_at+0x6d/0x560 Call Trace: <TASK> ext4_split_extent.isra.0+0xcb/0x1b0 ext4_ext_convert_to_initialized+0x168/0x6c0 ext4_ext_handle_unwritten_extents+0x325/0x4d0 ext4_ext_map_blocks+0x520/0xdb0 ext4_map_blocks+0x2b0/0x690 ext4_iomap_begin+0x20e/0x2c0 [...] ================================================================== Therefore, *orig_path is updated when the extent lookup succeeds, so that the caller can safely use path or *ppath.

Solution(s)

  • ubuntu-upgrade-linux-image-5-15-0-1039-xilinx-zynqmp
  • ubuntu-upgrade-linux-image-5-15-0-1056-gkeop
  • ubuntu-upgrade-linux-image-5-15-0-1066-ibm
  • ubuntu-upgrade-linux-image-5-15-0-1066-raspi
  • ubuntu-upgrade-linux-image-5-15-0-1068-nvidia
  • ubuntu-upgrade-linux-image-5-15-0-1068-nvidia-lowlatency
  • ubuntu-upgrade-linux-image-5-15-0-1070-gke
  • ubuntu-upgrade-linux-image-5-15-0-1070-kvm
  • ubuntu-upgrade-linux-image-5-15-0-1071-intel-iotg
  • ubuntu-upgrade-linux-image-5-15-0-1071-oracle
  • ubuntu-upgrade-linux-image-5-15-0-1072-gcp
  • ubuntu-upgrade-linux-image-5-15-0-1073-aws
  • ubuntu-upgrade-linux-image-5-15-0-1078-azure
  • ubuntu-upgrade-linux-image-5-15-0-127-generic
  • ubuntu-upgrade-linux-image-5-15-0-127-generic-64k
  • ubuntu-upgrade-linux-image-5-15-0-127-generic-lpae
  • ubuntu-upgrade-linux-image-5-15-0-127-lowlatency
  • ubuntu-upgrade-linux-image-5-15-0-127-lowlatency-64k
  • ubuntu-upgrade-linux-image-aws
  • ubuntu-upgrade-linux-image-aws-lts-22-04
  • ubuntu-upgrade-linux-image-azure
  • ubuntu-upgrade-linux-image-azure-cvm
  • ubuntu-upgrade-linux-image-azure-lts-22-04
  • ubuntu-upgrade-linux-image-gcp
  • ubuntu-upgrade-linux-image-gcp-lts-22-04
  • ubuntu-upgrade-linux-image-generic
  • ubuntu-upgrade-linux-image-generic-64k
  • ubuntu-upgrade-linux-image-generic-64k-hwe-20-04
  • ubuntu-upgrade-linux-image-generic-hwe-20-04
  • ubuntu-upgrade-linux-image-generic-lpae
  • ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04
  • ubuntu-upgrade-linux-image-gke
  • ubuntu-upgrade-linux-image-gke-5-15
  • ubuntu-upgrade-linux-image-gkeop
  • ubuntu-upgrade-linux-image-gkeop-5-15
  • ubuntu-upgrade-linux-image-ibm
  • ubuntu-upgrade-linux-image-intel
  • ubuntu-upgrade-linux-image-intel-iotg
  • ubuntu-upgrade-linux-image-kvm
  • ubuntu-upgrade-linux-image-lowlatency
  • ubuntu-upgrade-linux-image-lowlatency-64k
  • ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04
  • ubuntu-upgrade-linux-image-lowlatency-hwe-20-04
  • ubuntu-upgrade-linux-image-nvidia
  • ubuntu-upgrade-linux-image-nvidia-lowlatency
  • ubuntu-upgrade-linux-image-oem-20-04
  • ubuntu-upgrade-linux-image-oem-20-04b
  • ubuntu-upgrade-linux-image-oem-20-04c
  • ubuntu-upgrade-linux-image-oem-20-04d
  • ubuntu-upgrade-linux-image-oracle
  • ubuntu-upgrade-linux-image-oracle-lts-22-04
  • ubuntu-upgrade-linux-image-raspi
  • ubuntu-upgrade-linux-image-raspi-nolpae
  • ubuntu-upgrade-linux-image-virtual
  • ubuntu-upgrade-linux-image-virtual-hwe-20-04
  • ubuntu-upgrade-linux-image-xilinx-zynqmp

References

  • https://attackerkb.com/topics/cve-2024-49881
  • CVE - 2024-49881
  • USN-7166-1
  • USN-7166-2
  • USN-7166-3
  • USN-7166-4
  • USN-7186-1
  • USN-7186-2
  • USN-7194-1
View more
  • 引用
  • Mention
    • 查看数 693
    • 已创建
    • 最后回复

    参与讨论

    你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。

    游客
    回帖…
    转到主题列表