What is the severity of CVE-2024-50250?

CVE-2024-50250 has a high severity due to its impact on data integrity in the Linux kernel.

How do I fix CVE-2024-50250?

To fix CVE-2024-50250, update your Linux kernel to a version that has patched the vulnerability.

Which versions of the Linux kernel are affected by CVE-2024-50250?

CVE-2024-50250 affects specific versions of the Linux kernel, including from 6.1.113 to 6.1.116 and various versions from 6.2 to 6.12-rc5.

What components does CVE-2024-50250 specific impact?

CVE-2024-50250 specifically impacts the fsdax subsystem within the Linux kernel.

What type of vulnerability is CVE-2024-50250?

CVE-2024-50250 is an integrity vulnerability that arises from broken data copying mechanisms within the Linux kernel.

Vulnerability/
CVE-2024-50250

high

7.1

9/11/2024

19/12/2024

CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks

First published: Sat Nov 09 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: fsdax: dax_unshare_iter needs to copy entire blocks The code that copies data from srcmap to iomap in dax_unshare_iter is very very broken, which bfoster's recent fsx changes have exposed. If the pos and len passed to dax_file_unshare are not aligned to an fsblock boundary, the iter pos and length in the _iter function will reflect this unalignment. dax_iomap_direct_access always returns a pointer to the start of the kmapped fsdax page, even if its pos argument is in the middle of that page. This is catastrophic for data integrity when iter->pos is not aligned to a page, because daddr/saddr do not point to the same byte in the file as iter->pos. Hence we corrupt user data by copying it to the wrong place. If iter->pos + iomap_length() in the _iter function not aligned to a page, then we fail to copy a full block, and only partially populate the destination block. This is catastrophic for data confidentiality because we expose stale pmem contents. Fix both of these issues by aligning copy_pos/copy_len to a page boundary (remember, this is fsdax so 1 fsblock == 1 base page) so that we always copy full blocks. We're not done yet -- there's no call to invalidate_inode_pages2_range, so programs that have the file range mmap'd will continue accessing the old memory mapping after the file metadata updates have completed. Be careful with the return value -- if the unshare succeeds, we still need to return the number of bytes that the iomap iter thinks we're operating on.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel	>=6.1.113<6.1.116
Linux Kernel	>=6.2<6.6.60
Linux Kernel	>=6.7<6.11.7
Linux Kernel	=6.12-rc1
Linux Kernel	=6.12-rc2
Linux Kernel	=6.12-rc3
Linux Kernel	=6.12-rc4
Linux Kernel	=6.12-rc5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-50250?
CVE-2024-50250 has a high severity due to its impact on data integrity in the Linux kernel.
How do I fix CVE-2024-50250?
To fix CVE-2024-50250, update your Linux kernel to a version that has patched the vulnerability.
Which versions of the Linux kernel are affected by CVE-2024-50250?
CVE-2024-50250 affects specific versions of the Linux kernel, including from 6.1.113 to 6.1.116 and various versions from 6.2 to 6.12-rc5.
What components does CVE-2024-50250 specific impact?
CVE-2024-50250 specifically impacts the fsdax subsystem within the Linux kernel.
What type of vulnerability is CVE-2024-50250?
CVE-2024-50250 is an integrity vulnerability that arises from broken data copying mechanisms within the Linux kernel.

agent/title
agent/references
agent/type
agent/description
agent/first-publish-date
agent/author
agent/event
agent/remedy
agent/severity
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/linux
canonical/linux kernel
version/linux kernel/6.1.113
version/linux kernel/6.2
version/linux kernel/6.7
version/linux kernel/6.12-rc1
version/linux kernel/6.12-rc2
version/linux kernel/6.12-rc3
version/linux kernel/6.12-rc4
version/linux kernel/6.12-rc5

Frequently Asked Questions

What is the severity of CVE-2024-50250?
CVE-2024-50250 has a high severity due to its impact on data integrity in the Linux kernel.
How do I fix CVE-2024-50250?
To fix CVE-2024-50250, update your Linux kernel to a version that has patched the vulnerability.
Which versions of the Linux kernel are affected by CVE-2024-50250?
CVE-2024-50250 affects specific versions of the Linux kernel, including from 6.1.113 to 6.1.116 and various versions from 6.2 to 6.12-rc5.
What components does CVE-2024-50250 specific impact?
CVE-2024-50250 specifically impacts the fsdax subsystem within the Linux kernel.
What type of vulnerability is CVE-2024-50250?
CVE-2024-50250 is an integrity vulnerability that arises from broken data copying mechanisms within the Linux kernel.

CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-50250?

How do I fix CVE-2024-50250?

Which versions of the Linux kernel are affected by CVE-2024-50250?

What components does CVE-2024-50250 specific impact?

What type of vulnerability is CVE-2024-50250?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-50250?

How do I fix CVE-2024-50250?

Which versions of the Linux kernel are affected by CVE-2024-50250?

What components does CVE-2024-50250 specific impact?

What type of vulnerability is CVE-2024-50250?