CVE-2024-46801

Published: Sep 18, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: libfs: fix get_stashed_dentry() get_stashed_dentry() tries to optimistically retrieve a stashed dentry from a provided location. It needs to ensure to hold rcu lock before it dereference the stashed location to prevent UAF issues. Use rcu_dereference() instead of READ_ONCE() it's effectively equivalent with some lockdep bells and whistles and it communicates clearly that this expects rcu protection.

Vendor	Product	Versions
Linux	Linux	affected `07fd7c329839cf0b8c7766883d830a1a0d12d1dd - < 03e2a1209a83a380df34a72f7d6d1bc6c74132c7` affected `07fd7c329839cf0b8c7766883d830a1a0d12d1dd - < 4e32c25b58b945f976435bbe51f39b32d714052e`
Linux	Linux	affected `6.9` unaffected `0 - < 6.9` unaffected `6.10.10 - <= 6.10.` unaffected `6.11 - <= `

References

https://git.kernel.org/stable/c/03e2a1209a83a380df34a72f7d6d1bc6c74132c7

https://git.kernel.org/stable/c/4e32c25b58b945f976435bbe51f39b32d714052e

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-46801

Description

Affected Products

References