Description A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.
CVSS vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Exploitability: 1.8 | Impact: 5.2 Attack Vector: Local
Complexity: Low
Privileges: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: High
Affected Packages2 packages Also affects: Enterprise Linux 9.0
🔴 Vulnerability Details3 CVEList Kernel: use-after-free while changing the mount option in __ext4_remount leading ↗ 2024-01-22 ▶ OSV CVE-2024-0775: A use-after-free flaw was found in the __ext4_remount in fs/ext4/super ↗ 2024-01-22 ▶ GHSA GHSA-w57v-9x67-753v: A use-after-free flaw was found in the __ext4_remount in fs/ext4/super ↗ 2024-01-22 ▶
📋 Vendor Advisories9 Ubuntu Linux kernel (Azure) vulnerabilities ↗ 2024-04-09 ▶ Ubuntu Linux kernel vulnerabilities ↗ 2024-03-25 ▶ Ubuntu Linux kernel (AWS) vulnerabilities ↗ 2024-03-21 ▶ Ubuntu Linux kernel (GCP) vulnerabilities ↗ 2024-03-20 ▶ Ubuntu Linux kernel vulnerabilities ↗ 2024-03-18 ▶ Show 4 more
💬 Community1 Bugzilla CVE-2024-0775 kernel: use-after-free while changing the mount option in __ext4_remount leading ↗ 2024-01-21 ▶