CVE-2024-34027

low-risk
Published 2024-06-24

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock It needs to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock to avoid racing with checkpoint, otherwise, filesystem metadata including blkaddr in dnode, inode fields and .total_valid_block_count may be corrupted after SPO case.

Do I need to act?

-
0.02% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.0/10 High
LOCAL / HIGH complexity

Affected Products (1)

Affected Vendors

Linux

References (12)

Patch https://git.kernel.org/stable/c/0a4ed2d97cb6d044196cc3e726b6699222b41019
Patch https://git.kernel.org/stable/c/329edb7c9e3b6ca27e6ca67ab1cdda1740fb3a2b
Patch https://git.kernel.org/stable/c/5d47d63883735718825ca2efc4fca6915469774f
Patch https://git.kernel.org/stable/c/69136304fd144144a4828c7b7b149d0f80321ba4
Patch https://git.kernel.org/stable/c/a6e1f7744e9b84f86a629a76024bba8468aa153b
Patch https://git.kernel.org/stable/c/b5bac43875aa27ec032dbbb86173baae6dce6182
Patch https://git.kernel.org/stable/c/0a4ed2d97cb6d044196cc3e726b6699222b41019
Patch https://git.kernel.org/stable/c/329edb7c9e3b6ca27e6ca67ab1cdda1740fb3a2b
Patch https://git.kernel.org/stable/c/5d47d63883735718825ca2efc4fca6915469774f
Patch https://git.kernel.org/stable/c/69136304fd144144a4828c7b7b149d0f80321ba4
Patch https://git.kernel.org/stable/c/a6e1f7744e9b84f86a629a76024bba8468aa153b
Patch https://git.kernel.org/stable/c/b5bac43875aa27ec032dbbb86173baae6dce6182
23
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal