{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-38583", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-18T19:36:34.928Z", "datePublished": "2024-06-19T13:37:39.858Z", "dateUpdated": "2025-05-04T09:14:37.960Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:14:37.960Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix use-after-free of timer for log writer thread\n\nPatch series \"nilfs2: fix log writer related issues\".\n\nThis bug fix series covers three nilfs2 log writer-related issues,\nincluding a timer use-after-free issue and potential deadlock issue on\nunmount, and a potential freeze issue in event synchronization found\nduring their analysis. Details are described in each commit log.\n\n\nThis patch (of 3):\n\nA use-after-free issue has been reported regarding the timer sc_timer on\nthe nilfs_sc_info structure.\n\nThe problem is that even though it is used to wake up a sleeping log\nwriter thread, sc_timer is not shut down until the nilfs_sc_info structure\nis about to be freed, and is used regardless of the thread's lifetime.\n\nFix this issue by limiting the use of sc_timer only while the log writer\nthread is alive."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/nilfs2/segment.c"], "versions": [{"version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "822ae5a8eac30478578a75f7e064f0584931bf2d", "status": "affected", "versionType": "git"}, {"version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "82933c84f188dcfe89eb26b0b48ab5d1ca99d164", "status": "affected", "versionType": "git"}, {"version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "67fa90d4a2ccd9ebb0e1e168c7d0b5d0cf3c7148", "status": "affected", "versionType": "git"}, {"version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "e65ccf3a4de4f0c763d94789615b83e11f204438", "status": "affected", "versionType": "git"}, {"version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "86a30d6302deddb9fb97ba6fc4b04d0e870b582a", "status": "affected", "versionType": "git"}, {"version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "f9186bba4ea282b07293c1c892441df3a5441cb0", "status": "affected", "versionType": "git"}, {"version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "2f12b2c03c5dae1a0de0a9e5853177e3d6eee3c6", "status": "affected", "versionType": "git"}, {"version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "68e738be5c518fc3c4e9146b66f67c8fee0135fb", "status": "affected", "versionType": "git"}, {"version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "f5d4e04634c9cf68bdf23de08ada0bb92e8befe7", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/nilfs2/segment.c"], "versions": [{"version": "2.6.35", "status": "affected"}, {"version": "0", "lessThan": "2.6.35", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.316", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.278", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.219", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.161", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.94", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.33", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.12", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.3", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.35", "versionEndExcluding": "4.19.316"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.35", "versionEndExcluding": "5.4.278"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.35", "versionEndExcluding": "5.10.219"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.35", "versionEndExcluding": "5.15.161"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.35", "versionEndExcluding": "6.1.94"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.35", "versionEndExcluding": "6.6.33"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.35", "versionEndExcluding": "6.8.12"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.35", "versionEndExcluding": "6.9.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.35", "versionEndExcluding": "6.10"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/822ae5a8eac30478578a75f7e064f0584931bf2d"}, {"url": "https://git.kernel.org/stable/c/82933c84f188dcfe89eb26b0b48ab5d1ca99d164"}, {"url": "https://git.kernel.org/stable/c/67fa90d4a2ccd9ebb0e1e168c7d0b5d0cf3c7148"}, {"url": "https://git.kernel.org/stable/c/e65ccf3a4de4f0c763d94789615b83e11f204438"}, {"url": "https://git.kernel.org/stable/c/86a30d6302deddb9fb97ba6fc4b04d0e870b582a"}, {"url": "https://git.kernel.org/stable/c/f9186bba4ea282b07293c1c892441df3a5441cb0"}, {"url": "https://git.kernel.org/stable/c/2f12b2c03c5dae1a0de0a9e5853177e3d6eee3c6"}, {"url": "https://git.kernel.org/stable/c/68e738be5c518fc3c4e9146b66f67c8fee0135fb"}, {"url": "https://git.kernel.org/stable/c/f5d4e04634c9cf68bdf23de08ada0bb92e8befe7"}], "title": "nilfs2: fix use-after-free of timer for log writer thread", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:12:25.825Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/822ae5a8eac30478578a75f7e064f0584931bf2d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/82933c84f188dcfe89eb26b0b48ab5d1ca99d164", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/67fa90d4a2ccd9ebb0e1e168c7d0b5d0cf3c7148", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e65ccf3a4de4f0c763d94789615b83e11f204438", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/86a30d6302deddb9fb97ba6fc4b04d0e870b582a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f9186bba4ea282b07293c1c892441df3a5441cb0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2f12b2c03c5dae1a0de0a9e5853177e3d6eee3c6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/68e738be5c518fc3c4e9146b66f67c8fee0135fb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f5d4e04634c9cf68bdf23de08ada0bb92e8befe7", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-38583", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:13:56.689885Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:55.339Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/822ae5a8eac30478578a75f7e064f0584931bf2d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/82933c84f188dcfe89eb26b0b48ab5d1ca99d164", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/67fa90d4a2ccd9ebb0e1e168c7d0b5d0cf3c7148", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e65ccf3a4de4f0c763d94789615b83e11f204438", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/86a30d6302deddb9fb97ba6fc4b04d0e870b582a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f9186bba4ea282b07293c1c892441df3a5441cb0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2f12b2c03c5dae1a0de0a9e5853177e3d6eee3c6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/68e738be5c518fc3c4e9146b66f67c8fee0135fb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f5d4e04634c9cf68bdf23de08ada0bb92e8befe7", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:12:25.825Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-38583", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:13:56.689885Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:26.845Z"}}], "cna": {"title": "nilfs2: fix use-after-free of timer for log writer thread", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "822ae5a8eac30478578a75f7e064f0584931bf2d", "versionType": "git"}, {"status": "affected", "version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "82933c84f188dcfe89eb26b0b48ab5d1ca99d164", "versionType": "git"}, {"status": "affected", "version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "67fa90d4a2ccd9ebb0e1e168c7d0b5d0cf3c7148", "versionType": "git"}, {"status": "affected", "version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "e65ccf3a4de4f0c763d94789615b83e11f204438", "versionType": "git"}, {"status": "affected", "version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "86a30d6302deddb9fb97ba6fc4b04d0e870b582a", "versionType": "git"}, {"status": "affected", "version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "f9186bba4ea282b07293c1c892441df3a5441cb0", "versionType": "git"}, {"status": "affected", "version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "2f12b2c03c5dae1a0de0a9e5853177e3d6eee3c6", "versionType": "git"}, {"status": "affected", "version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "68e738be5c518fc3c4e9146b66f67c8fee0135fb", "versionType": "git"}, {"status": "affected", "version": "fdce895ea5dd4e24edf1f4d693827349a4e5b3b4", "lessThan": "f5d4e04634c9cf68bdf23de08ada0bb92e8befe7", "versionType": "git"}], "programFiles": ["fs/nilfs2/segment.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2.6.35"}, {"status": "unaffected", "version": "0", "lessThan": "2.6.35", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.316", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.278", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.219", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.161", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.94", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.33", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.8.12", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9.3", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["fs/nilfs2/segment.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/822ae5a8eac30478578a75f7e064f0584931bf2d"}, {"url": "https://git.kernel.org/stable/c/82933c84f188dcfe89eb26b0b48ab5d1ca99d164"}, {"url": "https://git.kernel.org/stable/c/67fa90d4a2ccd9ebb0e1e168c7d0b5d0cf3c7148"}, {"url": "https://git.kernel.org/stable/c/e65ccf3a4de4f0c763d94789615b83e11f204438"}, {"url": "https://git.kernel.org/stable/c/86a30d6302deddb9fb97ba6fc4b04d0e870b582a"}, {"url": "https://git.kernel.org/stable/c/f9186bba4ea282b07293c1c892441df3a5441cb0"}, {"url": "https://git.kernel.org/stable/c/2f12b2c03c5dae1a0de0a9e5853177e3d6eee3c6"}, {"url": "https://git.kernel.org/stable/c/68e738be5c518fc3c4e9146b66f67c8fee0135fb"}, {"url": "https://git.kernel.org/stable/c/f5d4e04634c9cf68bdf23de08ada0bb92e8befe7"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix use-after-free of timer for log writer thread\n\nPatch series \"nilfs2: fix log writer related issues\".\n\nThis bug fix series covers three nilfs2 log writer-related issues,\nincluding a timer use-after-free issue and potential deadlock issue on\nunmount, and a potential freeze issue in event synchronization found\nduring their analysis. Details are described in each commit log.\n\n\nThis patch (of 3):\n\nA use-after-free issue has been reported regarding the timer sc_timer on\nthe nilfs_sc_info structure.\n\nThe problem is that even though it is used to wake up a sleeping log\nwriter thread, sc_timer is not shut down until the nilfs_sc_info structure\nis about to be freed, and is used regardless of the thread's lifetime.\n\nFix this issue by limiting the use of sc_timer only while the log writer\nthread is alive."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.316", "versionStartIncluding": "2.6.35"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.278", "versionStartIncluding": "2.6.35"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.219", "versionStartIncluding": "2.6.35"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.161", "versionStartIncluding": "2.6.35"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.94", "versionStartIncluding": "2.6.35"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.33", "versionStartIncluding": "2.6.35"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.8.12", "versionStartIncluding": "2.6.35"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.9.3", "versionStartIncluding": "2.6.35"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.10", "versionStartIncluding": "2.6.35"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:14:37.960Z"}}}, "cveMetadata": {"cveId": "CVE-2024-38583", "state": "PUBLISHED", "dateUpdated": "2025-05-04T09:14:37.960Z", "dateReserved": "2024-06-18T19:36:34.928Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-06-19T13:37:39.858Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "1BF99E52-091D-4D39-8639-6E3471FEBD3A", "versionEndExcluding": "4.19.316", "versionStartIncluding": "2.6.35", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7FDBF235-DA18-49A1-8690-6C7272FD0701", "versionEndExcluding": "5.4.278", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9063AF3-D593-43B7-810D-58B87F82F9F9", "versionEndExcluding": "5.10.219", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "31130639-53FE-4726-8986-434EE2528CB2", "versionEndExcluding": "5.15.161", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D20DE32-76F8-4E4C-A8DF-5B53082D18E5", "versionEndExcluding": "6.1.94", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FCE796DF-3B50-4DC6-BAE5-95271068FC9E", "versionEndExcluding": "6.6.33", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "80550309-67AB-4FD1-AC07-3DED5C4F01B2", "versionEndExcluding": "6.8.12", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E07124C1-19E8-4D21-828D-9932A01D3011", "versionEndExcluding": "6.9.3", "versionStartIncluding": "6.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix use-after-free of timer for log writer thread\n\nPatch series \"nilfs2: fix log writer related issues\".\n\nThis bug fix series covers three nilfs2 log writer-related issues,\nincluding a timer use-after-free issue and potential deadlock issue on\nunmount, and a potential freeze issue in event synchronization found\nduring their analysis. Details are described in each commit log.\n\n\nThis patch (of 3):\n\nA use-after-free issue has been reported regarding the timer sc_timer on\nthe nilfs_sc_info structure.\n\nThe problem is that even though it is used to wake up a sleeping log\nwriter thread, sc_timer is not shut down until the nilfs_sc_info structure\nis about to be freed, and is used regardless of the thread's lifetime.\n\nFix this issue by limiting the use of sc_timer only while the log writer\nthread is alive."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nilfs2: corrige el use-after-free del temporizador para el hilo del escritor de registros Serie de parches \"nilfs2: corrige problemas relacionados con el escritor de registros\". Esta serie de correcci\u00f3n de errores cubre tres problemas relacionados con el escritor de registros nilfs2, incluido un problema de use-after-free del temporizador y un posible problema de bloqueo al desmontar, y un posible problema de congelaci\u00f3n en la sincronizaci\u00f3n de eventos encontrado durante su an\u00e1lisis. Los detalles se describen en cada registro de confirmaci\u00f3n. Este parche (de 3): Se inform\u00f3 un problema de use-after-free con respecto al temporizador sc_timer en la estructura nilfs_sc_info. El problema es que, aunque se utiliza para reactivar un subproceso de escritura de registros inactivo, sc_timer no se cierra hasta que la estructura nilfs_sc_info est\u00e1 a punto de liberarse y se utiliza independientemente de la vida \u00fatil del subproceso. Solucione este problema limitando el uso de sc_timer solo mientras el subproceso del escritor de registros est\u00e9 activo."}], "id": "CVE-2024-38583", "lastModified": "2024-11-21T09:26:24.520", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}]}, "published": "2024-06-19T14:15:18.397", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2f12b2c03c5dae1a0de0a9e5853177e3d6eee3c6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/67fa90d4a2ccd9ebb0e1e168c7d0b5d0cf3c7148"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/68e738be5c518fc3c4e9146b66f67c8fee0135fb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/822ae5a8eac30478578a75f7e064f0584931bf2d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/82933c84f188dcfe89eb26b0b48ab5d1ca99d164"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/86a30d6302deddb9fb97ba6fc4b04d0e870b582a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e65ccf3a4de4f0c763d94789615b83e11f204438"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f5d4e04634c9cf68bdf23de08ada0bb92e8befe7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f9186bba4ea282b07293c1c892441df3a5441cb0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2f12b2c03c5dae1a0de0a9e5853177e3d6eee3c6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/67fa90d4a2ccd9ebb0e1e168c7d0b5d0cf3c7148"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/68e738be5c518fc3c4e9146b66f67c8fee0135fb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/822ae5a8eac30478578a75f7e064f0584931bf2d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/82933c84f188dcfe89eb26b0b48ab5d1ca99d164"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/86a30d6302deddb9fb97ba6fc4b04d0e870b582a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e65ccf3a4de4f0c763d94789615b83e11f204438"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f5d4e04634c9cf68bdf23de08ada0bb92e8befe7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f9186bba4ea282b07293c1c892441df3a5441cb0"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "[email protected]", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: nilfs2: fix use-after-free of timer for log writer thread", "id": "2293406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293406"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.2", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", "status": "draft"}, "cwe": "CWE-416", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnilfs2: fix use-after-free of timer for log writer thread\nPatch series \"nilfs2: fix log writer related issues\".\nThis bug fix series covers three nilfs2 log writer-related issues,\nincluding a timer use-after-free issue and potential deadlock issue on\nunmount, and a potential freeze issue in event synchronization found\nduring their analysis. Details are described in each commit log.\nThis patch (of 3):\nA use-after-free issue has been reported regarding the timer sc_timer on\nthe nilfs_sc_info structure.\nThe problem is that even though it is used to wake up a sleeping log\nwriter thread, sc_timer is not shut down until the nilfs_sc_info structure\nis about to be freed, and is used regardless of the thread's lifetime.\nFix this issue by limiting the use of sc_timer only while the log writer\nthread is alive."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-38583", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-06-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-38583\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-38583\nhttps://lore.kernel.org/linux-cve-announce/2024061948-CVE-2024-38583-9fb7@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate"}