CVE-2024-47700

low-risk

Published 2024-10-21

In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of the cluster ratio however this check is missed when trying to remount. This can leave us with cases where stripe < cluster_ratio after remount:set making EXT4_B2C(sbi->s_stripe) become 0 that can cause some unforeseen bugs like divide by 0. Fix that by adding the check in remount path as well.

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (4)

Patch https://git.kernel.org/stable/c/297615e992bbb30a55c158141086be6505d5d722

Patch https://git.kernel.org/stable/c/a31b712f75445d52fc0451dc54fd7b16a552cb7c

Patch https://git.kernel.org/stable/c/ee85e0938aa8f9846d21e4d302c3cf6a2a75110d

Patch https://git.kernel.org/stable/c/faeff8b1ee2eaa5969c8e994d66c3337298cefed

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal