CVE-2024-38583
Published: Jun 19, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of timer for log writer thread Patch series "nilfs2: fix log writer related issues". This bug fix series covers three nilfs2 log writer-related issues, including a timer use-after-free issue and potential deadlock issue on unmount, and a potential freeze issue in event synchronization found during their analysis. Details are described in each commit log. This patch (of 3): A use-after-free issue has been reported regarding the timer sc_timer on the nilfs_sc_info structure. The problem is that even though it is used to wake up a sleeping log writer thread, sc_timer is not shut down until the nilfs_sc_info structure is about to be freed, and is used regardless of the thread's lifetime. Fix this issue by limiting the use of sc_timer only while the log writer thread is alive.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected fdce895ea5dd4e24edf1f4d693827349a4e5b3b4 - < 822ae5a8eac30478578a75f7e064f0584931bf2daffected fdce895ea5dd4e24edf1f4d693827349a4e5b3b4 - < 82933c84f188dcfe89eb26b0b48ab5d1ca99d164affected fdce895ea5dd4e24edf1f4d693827349a4e5b3b4 - < 67fa90d4a2ccd9ebb0e1e168c7d0b5d0cf3c7148affected fdce895ea5dd4e24edf1f4d693827349a4e5b3b4 - < e65ccf3a4de4f0c763d94789615b83e11f204438affected fdce895ea5dd4e24edf1f4d693827349a4e5b3b4 - < 86a30d6302deddb9fb97ba6fc4b04d0e870b582a+4 more versions |
Linux | Linux | affected 2.6.35unaffected 0 - < 2.6.35unaffected 4.19.316 - <= 4.19.*unaffected 5.4.278 - <= 5.4.*unaffected 5.10.219 - <= 5.10.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now