CVE-2024-26697 — Out-of-bounds Write in Linux

CWE-787 — Out-of-bounds Write CWE-99 — Resource Injection30 documents7 sources

Severity

5.5MEDIUMNVD

OSV7.0OSV6.5

EPSS

0.0%

top 99.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +1 more

Timeline

PublishedApr 3

Latest updateAug 14

Description

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix data corruption in dsync block recovery for small block sizes The helper function nilfs_recovery_copy_block() of nilfs_recovery_dsync_blocks(), which recovers data from logs created by data sync writes during a mount after an unclean shutdown, incorrectly calculates the on-page offset when copying repair data to the file's page cache. In environments where the block size is smaller than the page size, this flaw can…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages5 packages

▶NVDlinux/linux_kernel4.20 — 5.4.269+7

▶Debianlinux/linux_kernel< 5.10.216-1+3

▶Ubuntulinux/linux_kernel< 5.4.0-181.201+1

▶CVEListV5linux/linux0f3e1c7f23f8a6f8224fa1d275381f6d9279ad4b — 5278c3eb6bf5896417572b52adb6be9d26e92f65+8

▶debiandebian/linux< linux 6.1.82-1 (bookworm)

Also affects: Debian Linux 10.0

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

OSV

linux-oem-6.5 vulnerabilities↗2024-08-02

▶

OSV

linux-aws-6.5, linux-lowlatency-hwe-6.5, linux-oracle-6.5, linux-starfive-6.5 vulnerabilities↗2024-07-19

▶

OSV

linux-hwe-6.5 vulnerabilities↗2024-07-17

▶

OSV

linux-azure-6.5, linux-gcp-6.5 vulnerabilities↗2024-07-16

▶

OSV

linux, linux-gcp, linux-nvidia-6.5, linux-raspi vulnerabilities↗2024-07-12

▶

📋Vendor Advisories

CISA ICS

Siemens SINEC OS↗2025-08-14

▶

Ubuntu

Linux kernel vulnerabilities↗2024-08-02

▶

Ubuntu

Linux kernel vulnerabilities↗2024-07-19

▶

Ubuntu

Linux kernel vulnerabilities↗2024-07-17

▶

Ubuntu

Linux kernel vulnerabilities↗2024-07-16

▶