CVE-2024-53234

Jan. 23, 2025, 5:15 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: erofs: handle NONHEAD !delta[1] lclusters gracefully syzbot reported a WARNING in iomap_iter_done: iomap_fiemap+0x73b/0x9b0 fs/iomap/fiemap.c:80 ioctl_fiemap fs/ioctl.c:220 [inline] Generally, NONHEAD lclusters won't have delta[1]==0, except for crafted images and filesystems created by pre-1.0 mkfs versions. Previously, it would immediately bail out if delta[1]==0, which led to inadequate decompressed lengths (thus FIEMAP is impacted). Treat it as delta[1]=1 to work around these legacy mkfs versions. `lclusterbits > 14` is illegal for compact indexes, error out too.

Product(s) Impacted

Product Versions
Linux Kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/0bc8061ffc733a0a246b8689b2d32a3e9204f43c
https://git.kernel.org/stable/c/480c6c7b55aeacac800bc2a0d321ff53273045e5
https://git.kernel.org/stable/c/75a0a6dde803e7a3af700da8da9a361b49f69eba
https://git.kernel.org/stable/c/daaf68fef4b2ff97928227630021d37b27a96655
https://git.kernel.org/stable/c/f466641debcbea8bdf78d1b63a6270aadf9301bf

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-12-27
CVE-2024-53234

Timeline

Published: Dec. 27, 2024, 2:15 p.m.
Last Modified: Jan. 23, 2025, 5:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.