| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential null-ptr-deref in nilfs_btree_insert()\n\nPatch series \"nilfs2: fix potential issues with empty b-tree nodes\".\n\nThis series addresses three potential issues with empty b-tree nodes that\ncan occur with corrupted filesystem images, including one recently\ndiscovered by syzbot.\n\n\nThis patch (of 3):\n\nIf a b-tree is broken on the device, and the b-tree height is greater than\n2 (the level of the root node is greater than 1) even if the number of\nchild nodes of the b-tree root is 0, a NULL pointer dereference occurs in\nnilfs_btree_prepare_insert(), which is called from nilfs_btree_insert().\n\nThis is because, when the number of child nodes of the b-tree root is 0,\nnilfs_btree_do_lookup() does not set the block buffer head in any of\npath[x].bp_bh, leaving it as the initial value of NULL, but if the level\nof the b-tree root node is greater than 1, nilfs_btree_get_nonroot_node(),\nwhich accesses the buffer memory of path[x].bp_bh, is called.\n\nFix this issue by adding a check to nilfs_btree_root_broken(), which\nperforms sanity checks when reading the root node from the device, to\ndetect this inconsistency.\n\nThanks to Lizhi Xu for trying to solve the bug and clarifying the cause\nearly on." |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "fs/nilfs2/btree.c" |
| ], |
| "versions": [ |
| { |
| "version": "17c76b0104e4a6513983777e1a17e0297a12b0c4", |
| "lessThan": "2b78e9df10fb7f4e9d3d7a18417dd72fbbc1dfd0", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "17c76b0104e4a6513983777e1a17e0297a12b0c4", |
| "lessThan": "1d94dbdfbb64cc48d10dec65cc3c4fbf2497b343", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "17c76b0104e4a6513983777e1a17e0297a12b0c4", |
| "lessThan": "24bf40740a3da6b4056721da34997ae6938f3da1", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "17c76b0104e4a6513983777e1a17e0297a12b0c4", |
| "lessThan": "73d23ecf234b7a6d47fb883f2dabe10e3230b31d", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "17c76b0104e4a6513983777e1a17e0297a12b0c4", |
| "lessThan": "f68523e0f26faade18833fbef577a4295d8e2c94", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "17c76b0104e4a6513983777e1a17e0297a12b0c4", |
| "lessThan": "21839b6fbc3c41b3e374ecbdb0cabbbb2c53cf34", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "17c76b0104e4a6513983777e1a17e0297a12b0c4", |
| "lessThan": "db73500d3f0e558eb642aae1d4782e7726b4a03f", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "17c76b0104e4a6513983777e1a17e0297a12b0c4", |
| "lessThan": "3644554d308ddf2669e459a1551a7edf60b2d62b", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "17c76b0104e4a6513983777e1a17e0297a12b0c4", |
| "lessThan": "9403001ad65ae4f4c5de368bdda3a0636b51d51a", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "fs/nilfs2/btree.c" |
| ], |
| "versions": [ |
| { |
| "version": "2.6.30", |
| "status": "affected" |
| }, |
| { |
| "version": "0", |
| "lessThan": "2.6.30", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "4.19.323", |
| "lessThanOrEqual": "4.19.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.4.285", |
| "lessThanOrEqual": "5.4.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.10.227", |
| "lessThanOrEqual": "5.10.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.15.168", |
| "lessThanOrEqual": "5.15.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.1.113", |
| "lessThanOrEqual": "6.1.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.6.54", |
| "lessThanOrEqual": "6.6.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.10.13", |
| "lessThanOrEqual": "6.10.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.11.2", |
| "lessThanOrEqual": "6.11.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.12", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.30", |
| "versionEndExcluding": "4.19.323" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.30", |
| "versionEndExcluding": "5.4.285" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.30", |
| "versionEndExcluding": "5.10.227" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.30", |
| "versionEndExcluding": "5.15.168" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.30", |
| "versionEndExcluding": "6.1.113" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.30", |
| "versionEndExcluding": "6.6.54" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.30", |
| "versionEndExcluding": "6.10.13" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.30", |
| "versionEndExcluding": "6.11.2" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.30", |
| "versionEndExcluding": "6.12" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/2b78e9df10fb7f4e9d3d7a18417dd72fbbc1dfd0" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/1d94dbdfbb64cc48d10dec65cc3c4fbf2497b343" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/24bf40740a3da6b4056721da34997ae6938f3da1" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/73d23ecf234b7a6d47fb883f2dabe10e3230b31d" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/f68523e0f26faade18833fbef577a4295d8e2c94" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/21839b6fbc3c41b3e374ecbdb0cabbbb2c53cf34" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/db73500d3f0e558eb642aae1d4782e7726b4a03f" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/3644554d308ddf2669e459a1551a7edf60b2d62b" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/9403001ad65ae4f4c5de368bdda3a0636b51d51a" |
| } |
| ], |
| "title": "nilfs2: fix potential null-ptr-deref in nilfs_btree_insert()", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2024-47699", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
