CVE-2024-46780Race Condition in Linux

CWE-362Race Condition56 documents7 sources
Severity
5.5MEDIUMNVD
OSV8.8OSV7.8OSV7.1
EPSS
0.0%
top 97.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedSep 18
Latest updateAug 14

Description

In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect references to superblock parameters exposed in sysfs The superblock buffers of nilfs2 can not only be overwritten at runtime for modifications/repairs, but they are also regularly swapped, replaced during resizing, and even abandoned when degrading to one side due to backing device issues. So, accessing them requires mutual exclusion using the reader/writer semaphore "nilfs->ns_sem". Some sysfs attribute show

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages6 packages

NVDlinux/linux_kernel3.174.19.322+7
Debianlinux/linux_kernel< 5.10.226-1+3
Ubuntulinux/linux_kernel< 5.4.0-200.220+4
CVEListV5linux/linuxda7141fb78db915680616e15677539fc8140cf53b90beafac05931cbfcb6b1bd4f67c1923f47040e+8
debiandebian/linux< linux 6.1.112-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

27
OSV
linux-lts-xenial vulnerabilities2025-05-13
OSV
linux-fips vulnerabilities2025-05-12
OSV
linux-aws vulnerabilities2025-05-12
OSV
linux, linux-aws, linux-kvm vulnerabilities2025-05-12
OSV
linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities2025-05-07

📋Vendor Advisories

28
CISA ICS
Siemens Third-Party Components in SINEC OS2025-08-14
Ubuntu
Linux kernel (Xenial HWE) vulnerabilities2025-05-13
Ubuntu
Linux kernel (FIPS) vulnerabilities2025-05-12
Ubuntu
Linux kernel vulnerabilities2025-05-12
Ubuntu
Linux kernel (AWS) vulnerabilities2025-05-12