CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
5.1%
In the Linux kernel, the following vulnerability has been resolved: erofs:
fix inconsistent per-file compression format EROFS can select compression
algorithms on a per-file basis, and each per-file compression algorithm
needs to be marked in the on-disk superblock for initialization. However,
syzkaller can generate inconsistent crafted images that use an unsupported
algorithmtype for specific inodes, e.g. use MicroLZMA algorithmtype even
it’s not set in sbi->available_compr_algs
. This can lead to an unexpected
“BUG: kernel NULL pointer dereference” if the corresponding decompressor
isn’t built-in. Fix this by checking against sbi->available_compr_algs
for each m_algorithmformat request. Incorrect !erofs_sb_has_compr_cfgs
preset bitmap is now fixed together since it was harmless previously.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure-6.5 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-gcp-6.5 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-nvidia-6.5 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-oracle-6.5 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-starfive-6.5 | < any | UNKNOWN |
git.kernel.org/stable/c/118a8cf504d7dfa519562d000f423ee3ca75d2c4
git.kernel.org/stable/c/823ba1d2106019ddf195287ba53057aee33cf724
git.kernel.org/stable/c/eed24b816e50c6cd18cbee0ff0d7218c8fced199
launchpad.net/bugs/cve/CVE-2024-26590
nvd.nist.gov/vuln/detail/CVE-2024-26590
security-tracker.debian.org/tracker/CVE-2024-26590
www.cve.org/CVERecord?id=CVE-2024-26590