CVE-2024-50191Deadlock in Linux

CWE-833Deadlock47 documents6 sources
Severity
5.5MEDIUMNVD
OSV8.8
EPSS
0.0%
top 95.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedNov 8
Latest updateMay 26

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SB_RDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we were setting SB_RDONLY flag to stop all filesystem modifications. We knew this misses proper locking (sb->s_umount) and does not go through proper filesystem remount procedure but it has been the way this worked since early ext2 days and it was good enough for catastrophic situation damage mitigation. Recently, syzbot ha

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages6 packages

NVDlinux/linux_kernel5.166.1.113+3
Debianlinux/linux_kernel< 6.11.4-1+1
Ubuntulinux/linux_kernel< 5.15.0-127.137+2
CVEListV5linux/linux95257987a6387f02970eda707e55a06cce734e1858c0648e4c773f5b54f0cb63bc8c7c6bf52719a9+3
debiandebian/linux< linux 6.11.4-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

23
OSV
linux-raspi vulnerabilities2025-05-26
OSV
linux-raspi-realtime vulnerabilities2025-05-20
OSV
linux-azure-nvidia vulnerabilities2025-04-28
OSV
linux-aws-6.8 vulnerabilities2025-04-23
OSV
linux-azure-6.8 vulnerabilities2025-04-01

📋Vendor Advisories

23
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-05-26
Ubuntu
Linux kernel (Raspberry Pi Real-time) vulnerabilities2025-05-20
Ubuntu
Linux kernel (Azure, N-Series) vulnerabilities2025-04-28
Ubuntu
Linux kernel vulnerabilities2025-04-23
Ubuntu
Linux kernel (Azure) vulnerabilities2025-04-01