NVD

CVE-2024-26972 Detail

Rejected

This CVE has been marked Rejected in the CVE List. These CVEs are stored in the NVD, but do not show up in search results by default.

Description

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL	Source(s)	Tag(s)

Weakness Enumeration

CWE-ID	CWE Name	Source

Change History

7 change records found show changes

CVE Modified by kernel.org 12/19/2024 7:15:06 AM

Action	Type	Old Value	New Value
Changed	Description	In the Linux kernel, the following vulnerability has been resolved: ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path For error handling path in ubifs_symlink(), inode will be marked as bad first, then iput() is invoked. If inode->i_link is initialized by fscrypt_encrypt_symlink() in encryption scenario, inode->i_link won't be freed by callchain ubifs_free_inode -> fscrypt_free_inode in error handling path, because make_bad_inode() has changed 'inode->i_mode' as 'S_IFREG'. Following kmemleak is easy to be reproduced by injecting error in ubifs_jnl_update() when doing symlink in encryption scenario: unreferenced object 0xffff888103da3d98 (size 8): comm "ln", pid 1692, jiffies 4294914701 (age 12.045s) backtrace: kmemdup+0x32/0x70 __fscrypt_encrypt_symlink+0xed/0x1c0 ubifs_symlink+0x210/0x300 [ubifs] vfs_symlink+0x216/0x360 do_symlinkat+0x11a/0x190 do_syscall_64+0x3b/0xe0 There are two ways fixing it: 1. Remove make_bad_inode() in error handling path. We can do that because ubifs_evict_inode() will do same processes for good symlink inode and bad symlink inode, for inode->i_nlink checking is before is_bad_inode(). 2. Free inode->i_link before marking inode bad. Method 2 is picked, it has less influence, personally, I think.	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Removed	Reference	CVE: https://git.kernel.org/stable/c/62b5ae00c2b835639002ce898ccb5d82c51073ae
Removed	Reference	CVE: https://git.kernel.org/stable/c/6379b44cdcd67f5f5d986b73953e99700591edfa
Removed	Reference	kernel.org: https://git.kernel.org/stable/c/3faea7810e2b3e9a9a92ef42d7e5feaeb8ff7133
Removed	Reference	kernel.org: https://git.kernel.org/stable/c/62b5ae00c2b835639002ce898ccb5d82c51073ae
Removed	Reference	kernel.org: https://git.kernel.org/stable/c/6379b44cdcd67f5f5d986b73953e99700591edfa

New CVE Received from kernel.org 5/01/2024 2:15:13 AM

Action

Type

Old Value

New Value

Added

Description

In the Linux kernel, the following vulnerability has been resolved:

ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path

For error handling path in ubifs_symlink(), inode will be marked as
bad first, then iput() is invoked. If inode->i_link is initialized by
fscrypt_encrypt_symlink() in encryption scenario, inode->i_link won't
be freed by callchain ubifs_free_inode -> fscrypt_free_inode in error
handling path, because make_bad_inode() has changed 'inode->i_mode' as
'S_IFREG'.
Following kmemleak is easy to be reproduced by injecting error in
ubifs_jnl_update() when doing symlink in encryption scenario:
 unreferenced object 0xffff888103da3d98 (size 8):
  comm "ln", pid 1692, jiffies 4294914701 (age 12.045s)
  backtrace:
   kmemdup+0x32/0x70
   __fscrypt_encrypt_symlink+0xed/0x1c0
   ubifs_symlink+0x210/0x300 [ubifs]
   vfs_symlink+0x216/0x360
   do_symlinkat+0x11a/0x190
   do_syscall_64+0x3b/0xe0
There are two ways fixing it:
 1. Remove make_bad_inode() in error handling path. We can do that
    because ubifs_evict_inode() will do same processes for good
    symlink inode and bad symlink inode, for inode->i_nlink checking
    is before is_bad_inode().
 2. Free inode->i_link before marking inode bad.
Method 2 is picked, it has less influence, personally, I think.

Added

Reference

kernel.org https://git.kernel.org/stable/c/62b5ae00c2b835639002ce898ccb5d82c51073ae [No types assigned]

Added

Reference

kernel.org https://git.kernel.org/stable/c/6379b44cdcd67f5f5d986b73953e99700591edfa [No types assigned]

Quick Info

CVE Dictionary Entry:
CVE-2024-26972
NVD Published Date:
05/01/2024
NVD Last Modified:
12/19/2024
Source:
kernel.org

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

CVE-2024-26972 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Change History

CVE Modified by kernel.org 12/19/2024 7:15:06 AM

CVE Rejected by kernel.org 12/19/2024 7:15:06 AM

CVE Modified by CVE 11/21/2024 4:03:31 AM

CVE Modified by kernel.org 10/10/2024 8:15:03 AM

CVE Modified by kernel.org 5/29/2024 2:17:34 AM

CVE Modified by kernel.org 5/14/2024 11:10:59 AM

New CVE Received from kernel.org 5/01/2024 2:15:13 AM

Quick Info