What is the severity of CVE-2024-49880?

CVE-2024-49880 has a medium severity rating due to the potential for filesystem corruption.

How do I fix CVE-2024-49880?

The vulnerability can be fixed by updating the Linux kernel to versions 6.11.4 or higher, or by applying the appropriate patches.

Which versions of the Linux kernel are affected by CVE-2024-49880?

CVE-2024-49880 affects Linux kernel versions from 6.8 to 6.10.14 and 6.11, as well as 6.12-rc1.

What impact does CVE-2024-49880 have on Linux systems?

This vulnerability can lead to filesystem inconsistencies and potential data loss when resizing the ext4 filesystem.

Who reported CVE-2024-49880?

The CVE-2024-49880 vulnerability was reported by a researcher named Wesley.

Vulnerability/
CVE-2024-49880

high

7.8

CWE

193

21/10/2024

19/12/2024

CVE-2024-49880: ext4: fix off by one issue in alloc_flex_gd()

First published: Mon Oct 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: ext4: fix off by one issue in alloc_flex_gd() Wesley reported an issue: ================================================================== EXT4-fs (dm-5): resizing filesystem from 7168 to 786432 blocks ------------[ cut here ]------------ kernel BUG at fs/ext4/resize.c:324! CPU: 9 UID: 0 PID: 3576 Comm: resize2fs Not tainted 6.11.0+ #27 RIP: 0010:ext4_resize_fs+0x1212/0x12d0 Call Trace: __ext4_ioctl+0x4e0/0x1800 ext4_ioctl+0x12/0x20 __x64_sys_ioctl+0x99/0xd0 x64_sys_call+0x1206/0x20d0 do_syscall_64+0x72/0x110 entry_SYSCALL_64_after_hwframe+0x76/0x7e ================================================================== While reviewing the patch, Honza found that when adjusting resize_bg in alloc_flex_gd(), it was possible for flex_gd->resize_bg to be bigger than flexbg_size. The reproduction of the problem requires the following: o_group = flexbg_size * 2 * n; o_size = (o_group + 1) * group_size; n_group: [o_group + flexbg_size, o_group + flexbg_size * 2) o_size = (n_group + 1) * group_size; Take n=0,flexbg_size=16 as an example: last:15 |o---------------|--------------n-| o_group:0 resize to n_group:30 The corresponding reproducer is: img=test.img rm -f $img truncate -s 600M $img mkfs.ext4 -F $img -b 1024 -G 16 8M dev=`losetup -f --show $img` mkdir -p /tmp/test mount $dev /tmp/test resize2fs $dev 248M Delete the problematic plus 1 to fix the issue, and add a WARN_ON_ONCE() to prevent the issue from happening again. [ Note: another reproucer which this commit fixes is: img=test.img rm -f $img truncate -s 25MiB $img mkfs.ext4 -b 4096 -E nodiscard,lazy_itable_init=0,lazy_journal_init=0 $img truncate -s 3GiB $img dev=`losetup -f --show $img` mkdir -p /tmp/test mount $dev /tmp/test resize2fs $dev 3G umount $dev losetup -d $dev -- TYT ]

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel	>=6.8<6.10.14
Linux Kernel	>=6.11<6.11.3
Linux Kernel	=6.12-rc1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-49880?
CVE-2024-49880 has a medium severity rating due to the potential for filesystem corruption.
How do I fix CVE-2024-49880?
The vulnerability can be fixed by updating the Linux kernel to versions 6.11.4 or higher, or by applying the appropriate patches.
Which versions of the Linux kernel are affected by CVE-2024-49880?
CVE-2024-49880 affects Linux kernel versions from 6.8 to 6.10.14 and 6.11, as well as 6.12-rc1.
What impact does CVE-2024-49880 have on Linux systems?
This vulnerability can lead to filesystem inconsistencies and potential data loss when resizing the ext4 filesystem.
Who reported CVE-2024-49880?
The CVE-2024-49880 vulnerability was reported by a researcher named Wesley.

agent/title
agent/references
agent/type
agent/first-publish-date
agent/description
agent/author
agent/event
agent/weakness
agent/remedy
agent/severity
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/linux
canonical/linux kernel
version/linux kernel/6.8
version/linux kernel/6.11
version/linux kernel/6.12-rc1

Frequently Asked Questions

What is the severity of CVE-2024-49880?
CVE-2024-49880 has a medium severity rating due to the potential for filesystem corruption.
How do I fix CVE-2024-49880?
The vulnerability can be fixed by updating the Linux kernel to versions 6.11.4 or higher, or by applying the appropriate patches.
Which versions of the Linux kernel are affected by CVE-2024-49880?
CVE-2024-49880 affects Linux kernel versions from 6.8 to 6.10.14 and 6.11, as well as 6.12-rc1.
What impact does CVE-2024-49880 have on Linux systems?
This vulnerability can lead to filesystem inconsistencies and potential data loss when resizing the ext4 filesystem.
Who reported CVE-2024-49880?
The CVE-2024-49880 vulnerability was reported by a researcher named Wesley.

CVE-2024-49880: ext4: fix off by one issue in alloc_flex_gd()

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-49880?

How do I fix CVE-2024-49880?

Which versions of the Linux kernel are affected by CVE-2024-49880?

What impact does CVE-2024-49880 have on Linux systems?

Who reported CVE-2024-49880?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-49880?

How do I fix CVE-2024-49880?

Which versions of the Linux kernel are affected by CVE-2024-49880?

What impact does CVE-2024-49880 have on Linux systems?

Who reported CVE-2024-49880?