SB20240625129 - Out-of-bounds read in Linux kernel f2fs
Published: June 25, 2024 Updated: May 13, 2025
Security Bulletin ID
SB20240625129
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2024-39467)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sanity_check_inode() function in fs/f2fs/inode.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/c559a8d840562fbfce9f318448dda2f7d3e6d8e8
- https://git.kernel.org/stable/c/75c87e2ac6149abf44bdde0dd6d541763ddb0dff
- https://git.kernel.org/stable/c/1640dcf383cdba52be8b28d2a1a2aa7ef7a30c98
- https://git.kernel.org/stable/c/8c8aa473fe6eb46a4bf99f3ea2dbe52bf0c1a1f0
- https://git.kernel.org/stable/c/be0155202e431f3007778568a72432c68f8946ba
- https://git.kernel.org/stable/c/68e3cd4ecb8603936cccdc338929130045df2e57
- https://git.kernel.org/stable/c/20faaf30e55522bba2b56d9c46689233205d7717
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.219
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.161
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.278
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.94
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.34