Vulnerability Details : CVE-2024-26848
In the Linux kernel, the following vulnerability has been resolved:
afs: Fix endless loop in directory parsing
If a directory has a block with only ".__afsXXXX" files in it (from
uncompleted silly-rename), these .__afsXXXX files are skipped but without
advancing the file position in the dir_context. This leads to
afs_dir_iterate() repeating the block again and again.
Fix this by making the code that skips the .__afsXXXX file also manually
advance the file position.
The symptoms are a soft lookup:
watchdog: BUG: soft lockup - CPU#3 stuck for 52s! [check:5737]
...
RIP: 0010:afs_dir_iterate_block+0x39/0x1fd
...
? watchdog_timer_fn+0x1a6/0x213
...
? asm_sysvec_apic_timer_interrupt+0x16/0x20
? afs_dir_iterate_block+0x39/0x1fd
afs_dir_iterate+0x10a/0x148
afs_readdir+0x30/0x4a
iterate_dir+0x93/0xd3
__do_sys_getdents64+0x6b/0xd4
This is almost certainly the actual fix for:
https://bugzilla.kernel.org/show_bug.cgi?id=218496
Products affected by CVE-2024-26848
Please log in to view affected product information.
Exploit prediction scoring system (EPSS) score for CVE-2024-26848
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 11 %
Percentile, the proportion of vulnerabilities that are scored at or less
References for CVE-2024-26848
-
https://git.kernel.org/stable/c/5f7a07646655fb4108da527565dcdc80124b14c4
afs: Fix endless loop in directory parsing - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/fe02316e4933befc621fa125efb8f8b4d04cceec
afs: Fix endless loop in directory parsing - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/2afdd0cb02329464d77f3ec59468395c791a51a4
afs: Revert "afs: Hide silly-rename files from userspace" - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/a6ffae61ad9ebf2fdcb943135b2f30c85f49cd27
afs: Revert "afs: Hide silly-rename files from userspace" - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/b94f434fe977689da4291dc21717790b9bd1c064
afs: Revert "afs: Hide silly-rename files from userspace" - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/058ed71e0f7aa3b6694ca357e23d084e5d3f2470
afs: Fix endless loop in directory parsing - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/106e14ca55a0acb3236ee98813a1d243f8aa2d05
afs: Revert "afs: Hide silly-rename files from userspace" - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/f67898867b6b0f4542cddc7fe57997978b948a7a
afs: Fix endless loop in directory parsing - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/96370ba395c572ef496fd2c7afc4a1ab3dedd3f0
afs: Fix endless loop in directory parsing - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/5c78be006ed9cb735ac2abf4fd64f3f4ea26da31
afs: Fix endless loop in directory parsing - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/9c41f4935625218a2053a2dce1423c3054169809
afs: Revert "afs: Hide silly-rename files from userspace" - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/80b15346492bdba677bbb0adefc611910e505f7b
afs: Fix endless loop in directory parsing - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/76426abf9b980b46983f97de8e5b25047b4c9863
afs: Revert "afs: Hide silly-rename files from userspace" - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
[SECURITY] [DLA 3842-1] linux-5.10 security update
-
https://git.kernel.org/stable/c/854ebf45a4ddd4cadeffb6644e88d19020634e1a
afs: Revert "afs: Hide silly-rename files from userspace" - kernel/git/stable/linux.git - Linux kernel stable tree
Jump to