Executive Summary

Informations
Name CVE-2024-53234 First vendor Publication 2024-12-27
Vendor Cve Last vendor Modification 2025-01-23

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

erofs: handle NONHEAD !delta[1] lclusters gracefully

syzbot reported a WARNING in iomap_iter_done:
iomap_fiemap+0x73b/0x9b0 fs/iomap/fiemap.c:80
ioctl_fiemap fs/ioctl.c:220 [inline]

Generally, NONHEAD lclusters won't have delta[1]==0, except for crafted images and filesystems created by pre-1.0 mkfs versions.

Previously, it would immediately bail out if delta[1]==0, which led to inadequate decompressed lengths (thus FIEMAP is impacted). Treat it as delta[1]=1 to work around these legacy mkfs versions.

`lclusterbits > 14` is illegal for compact indexes, error out too.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53234

Sources (Detail)

https://git.kernel.org/stable/c/0bc8061ffc733a0a246b8689b2d32a3e9204f43c
https://git.kernel.org/stable/c/480c6c7b55aeacac800bc2a0d321ff53273045e5
https://git.kernel.org/stable/c/75a0a6dde803e7a3af700da8da9a361b49f69eba
https://git.kernel.org/stable/c/daaf68fef4b2ff97928227630021d37b27a96655
https://git.kernel.org/stable/c/f466641debcbea8bdf78d1b63a6270aadf9301bf
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2025-01-23 21:20:38
  • Multiple Updates
2024-12-27 17:20:28
  • First insertion