high
7.8
CWE
416
Advisory Published
Updated

CVE-2024-49889: ext4: avoid use-after-free in ext4_ext_show_leaf()

First published: Mon Oct 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid use-after-free in ext4_ext_show_leaf() In ext4_find_extent(), path may be freed by error or be reallocated, so using a previously saved *ppath may have been freed and thus may trigger use-after-free, as follows: ext4_split_extent path = *ppath; ext4_split_extent_at(ppath) path = ext4_find_extent(ppath) ext4_split_extent_at(ppath) // ext4_find_extent fails to free path // but zeroout succeeds ext4_ext_show_leaf(inode, path) eh = path[depth].p_hdr // path use-after-free !!! Similar to ext4_split_extent_at(), we use *ppath directly as an input to ext4_ext_show_leaf(). Fix a spelling error by the way. Same problem in ext4_ext_handle_unwritten_extents(). Since 'path' is only used in ext4_ext_show_leaf(), remove 'path' and use *ppath directly. This issue is triggered only when EXT_DEBUG is defined and therefore does not affect functionality.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux Kernel<5.10.227
Linux Kernel>=5.11<5.15.168
Linux Kernel>=5.16<6.1.113
Linux Kernel>=6.2<6.6.55
Linux Kernel>=6.7<6.10.14
Linux Kernel>=6.11<6.11.3
debian/linux<=5.10.223-1
5.10.234-1
6.1.129-1
6.1.128-1
6.12.19-1
6.12.20-1
debian/linux-6.1
6.1.128-1~deb11u1

Remedy

https://git.kernel.org/stable/c/2eba3b0cc5b8de624918d21f32b5b8db59a90b39

Remedy

https://git.kernel.org/stable/c/34b2096380ba475771971a778a478661a791aa15

Remedy

https://git.kernel.org/stable/c/4999fed877bb64e3e7f9ab9996de2ca983c41928

Remedy

https://git.kernel.org/stable/c/4e2524ba2ca5f54bdbb9e5153bea00421ef653f5

Remedy

https://git.kernel.org/stable/c/8b114f2cc7dd5d36729d040b68432fbd0f0a8868

Remedy

https://git.kernel.org/stable/c/b0cb4561fc4284d04e69c8a66c8504928ab2484e

Remedy

https://git.kernel.org/stable/c/d483c7cc1796bd6a80e7b3a8fd494996260f6b67

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-49889?

    CVE-2024-49889 is classified as a critical vulnerability that can lead to a use-after-free condition in the Linux kernel.

  • How do I fix CVE-2024-49889?

    To fix CVE-2024-49889, update to a patched version of the Linux kernel above 5.10.227 or apply the recommended remedial updates.

  • Which versions of the Linux kernel are affected by CVE-2024-49889?

    CVE-2024-49889 affects multiple versions of the Linux kernel ranging from 5.10.224 to versions below 6.11.

  • What potential impact does CVE-2024-49889 have on systems?

    CVE-2024-49889 can potentially allow attackers to execute arbitrary code or cause a system crash due to memory corruption.

  • Is there a temporary workaround for CVE-2024-49889?

    There are no recommended temporary workarounds for CVE-2024-49889; updating the kernel is the best course of action.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203