Lucene search

416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2024-42160

HistoryJul 30, 2024 - 8:15 a.m.

CVE-2024-42160

2024-07-3008:15:07

CWE-754

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

linux kernel

vulnerability

cve-2024-42160

f2fs

fault attrs

validation

parse options

__sbi_store

clean up code

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.0%

JSON

In the Linux kernel, the following vulnerability has been resolved:

f2fs: check validation of fault attrs in f2fs_build_fault_attr()

It missed to check validation of fault attrs in parse_options(),
let’s fix to add check condition in f2fs_build_fault_attr().
Use f2fs_build_fault_attr() in __sbi_store() to clean up code.

Affected configurations

Nvd

Node

linuxlinux_kernelRange<6.1.98

linuxlinux_kernelRange6.2–6.6.39

linuxlinux_kernelRange6.7–6.9.9

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::

References

git.kernel.org/stable/c/44958ca9e400f57bd0478115519ffc350fcee61e

git.kernel.org/stable/c/4ed886b187f47447ad559619c48c086f432d2b77

git.kernel.org/stable/c/bc84dd2c33e0c10fd90d60f0cfc0bfb504d4692d

git.kernel.org/stable/c/ecb641f424d6d1f055d149a15b892edcc92c504b

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.0%

JSON

Related for NVD:CVE-2024-42160