Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-40971HistoryJul 12, 2024 - 1:15 p.m.
CVE-2024-40971
2024-07-1213:15:18
Debian Security Bug Tracker
security-tracker.debian.org
4
linux kernel
f2fs
sb_inlinecrypt
data corruption
vulnerability
In the Linux kernel, the following vulnerability has been resolved: f2fs: remove clear SB_INLINECRYPT flag in default_options In f2fs_remount, SB_INLINECRYPT flag will be clear and re-set. If create new file or open file during this gap, these files will not use inlinecrypt. Worse case, it may lead to data corruption if wrappedkey_v0 is enable. Thread A: Thread B: -f2fs_remount -f2fs_file_open or f2fs_new_inode -default_options <- clear SB_INLINECRYPT flag -fscrypt_select_encryption_impl -parse_options <- set SB_INLINECRYPT again
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 6.1.99-1 | linux_6.1.99-1_all.deb |
| Debian | 11 | all | linux | < 5.10.221-1 | linux_5.10.221-1_all.deb |
| Debian | 999 | all | linux | < 6.9.7-1 | linux_6.9.7-1_all.deb |
| Debian | 13 | all | linux | < 6.9.7-1 | linux_6.9.7-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2024-40971
2024-07-12 00:00:00
cvelist
cvelist
CVE-2024-40971 f2fs: remove clear SB_INLINECRYPT flag in default_options
2024-07-12 12:32:09
redhatcve
redhatcve
CVE-2024-40971
2024-07-16 17:26:24
nvd
nvd
CVE-2024-40971
2024-07-12 13:15:18
cve
cve
CVE-2024-40971
2024-07-12 13:15:18
osv
osv
CVE-2024-40971
2024-07-12 13:15:00
linux - security update
2024-07-16 00:00:00
linux - security update
2024-07-15 00:00:00
vulnrichment
vulnrichment
CVE-2024-40971 f2fs: remove clear SB_INLINECRYPT flag in default_options
2024-07-12 12:32:09
nessus
nessus
Debian dsa-5731 : affs-modules-6.1.0-21-4kc-malta-di - security update
2024-07-16 00:00:00
Debian dsa-5730 : affs-modules-5.10.0-29-4kc-malta-di - security update
2024-07-16 00:00:00
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12618)
2024-09-12 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5731-1)
2024-07-17 00:00:00
Debian: Security Advisory (DSA-5730-1)
2024-07-16 00:00:00
Ubuntu: Security Advisory (USN-7004-1)
2024-09-13 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2024-09-12 00:00:00