CVE-2024-53147

Dec. 24, 2024, 12:15 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: exfat: fix out-of-bounds access of directory entries In the case of the directory size is greater than or equal to the cluster size, if start_clu becomes an EOF cluster(an invalid cluster) due to file system corruption, then the directory entry where ei->hint_femp.eidx hint is outside the directory, resulting in an out-of-bounds access, which may cause further file system corruption. This commit adds a check for start_clu, if it is an invalid cluster, the file or directory will be treated as empty.

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/184fa506e392eb78364d9283c961217ff2c0617b
https://git.kernel.org/stable/c/3ddd1cb2b458ff6a193bc845f408dfff217db29e
https://git.kernel.org/stable/c/a0120d6463368378539ef928cf067d02372efb8c

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-12-24
CVE-2024-53147

Timeline

Published: Dec. 24, 2024, 12:15 p.m.
Last Modified: Dec. 24, 2024, 12:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.