Advisory Published
CVE Published
Updated

CVE-2024-26848: afs: Fix endless loop in directory parsing

First published: Wed Apr 17 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: afs: Fix endless loop in directory parsing If a directory has a block with only ".__afsXXXX" files in it (from uncompleted silly-rename), these .__afsXXXX files are skipped but without advancing the file position in the dir_context. This leads to afs_dir_iterate() repeating the block again and again. Fix this by making the code that skips the .__afsXXXX file also manually advance the file position. The symptoms are a soft lookup: watchdog: BUG: soft lockup - CPU#3 stuck for 52s! [check:5737] ... RIP: 0010:afs_dir_iterate_block+0x39/0x1fd ... ? watchdog_timer_fn+0x1a6/0x213 ... ? asm_sysvec_apic_timer_interrupt+0x16/0x20 ? afs_dir_iterate_block+0x39/0x1fd afs_dir_iterate+0x10a/0x148 afs_readdir+0x30/0x4a iterate_dir+0x93/0xd3 __do_sys_getdents64+0x6b/0xd4 This is almost certainly the actual fix for: https://bugzilla.kernel.org/show_bug.cgi?id=218496

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
debian/linux
5.10.218-1
5.10.221-1
6.1.94-1
6.1.99-1
6.9.10-1
6.9.12-1
ubuntu/linux<5.4.0-186.206
5.4.0-186.206
ubuntu/linux<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-aws<5.4.0-1126.136
5.4.0-1126.136
ubuntu/linux-aws<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-aws-5.15<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-aws-5.4<5.4.0-1126.136~18.04.1
5.4.0-1126.136~18.04.1
ubuntu/linux-aws-5.4<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-aws-6.5<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-aws-fips<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-aws-hwe<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-azure<5.4.0-1131.138
5.4.0-1131.138
ubuntu/linux-azure<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-azure-4.15<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-azure-5.15<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-azure-5.4<5.4.0-1131.138~18.04.1
5.4.0-1131.138~18.04.1
ubuntu/linux-azure-5.4<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-azure-6.5<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-azure-fde<5.15.0-1067.76.1
5.15.0-1067.76.1
ubuntu/linux-azure-fde<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-azure-fde-5.15<5.15.0-1065.74~20.04.1.1
5.15.0-1065.74~20.04.1.1
ubuntu/linux-azure-fde-5.15<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-azure-fips<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-bluefield<5.4.0-1086.93
5.4.0-1086.93
ubuntu/linux-bluefield<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-fips<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-gcp<5.4.0-1130.139
5.4.0-1130.139
ubuntu/linux-gcp<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-gcp-4.15<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-gcp-5.15<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-gcp-5.4<5.4.0-1130.139~18.04.1
5.4.0-1130.139~18.04.1
ubuntu/linux-gcp-5.4<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-gcp-6.5<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-gcp-fips<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-gke<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-gkeop<5.4.0-1093.97
5.4.0-1093.97
ubuntu/linux-gkeop<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-gkeop-5.15<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-hwe<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-hwe-5.15<5.15.0-113.123~20.04.1
5.15.0-113.123~20.04.1
ubuntu/linux-hwe-5.15<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-hwe-5.4<5.4.0-186.206~18.04.1
5.4.0-186.206~18.04.1
ubuntu/linux-hwe-5.4<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-hwe-6.5<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-ibm<5.4.0-1073.78
5.4.0-1073.78
ubuntu/linux-ibm<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-ibm-5.15<5.15.0-1057.60~20.04.1
5.15.0-1057.60~20.04.1
ubuntu/linux-ibm-5.15<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-ibm-5.4<5.4.0-1073.78~18.04.1
5.4.0-1073.78~18.04.1
ubuntu/linux-ibm-5.4<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-intel<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-intel-iotg<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-intel-iotg-5.15<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-iot<5.4.0-1038.39
5.4.0-1038.39
ubuntu/linux-iot<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-kvm<5.4.0-1114.121
5.4.0-1114.121
ubuntu/linux-kvm<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-laptop<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-lowlatency<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-lowlatency-hwe-5.15<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-lowlatency-hwe-6.5<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-lts-xenial<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-nvidia<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-nvidia-6.5<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-nvidia-6.8<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-nvidia-lowlatency<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-oem-6.5<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-oem-6.8<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-oracle<5.4.0-1125.134
5.4.0-1125.134
ubuntu/linux-oracle<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-oracle-5.15<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-oracle-5.4<5.4.0-1125.134~18.04.1
5.4.0-1125.134~18.04.1
ubuntu/linux-oracle-5.4<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-oracle-6.5<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-raspi<5.4.0-1110.122
5.4.0-1110.122
ubuntu/linux-raspi<5.15.0-1058.61
5.15.0-1058.61
ubuntu/linux-raspi<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-raspi-5.4<5.4.0-1110.122~18.04.1
5.4.0-1110.122~18.04.1
ubuntu/linux-raspi-5.4<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-riscv<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-riscv-5.15<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-riscv-6.5<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-starfive<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-starfive-6.5<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151
ubuntu/linux-xilinx-zynqmp<5.4.0-1045.49
5.4.0-1045.49
ubuntu/linux-xilinx-zynqmp<6.8~<5.4.271<5.15.151
6.8~
5.4.271
5.15.151

Remedy

https://git.kernel.org/linus/57e9d49c54528c49b8bffe6d99d782ea051ea534

Remedy

https://git.kernel.org/linus/5f7a07646655fb4108da527565dcdc80124b14c4|0aec3847d044273733285dcff90afda89ad461d2

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203