U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2024-42306 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: udf: Avoid using corrupted block bitmap buffer When the filesystem block bitmap is corrupted, we detect the corruption while loading the bitmap and fail the allocation with error. However the next allocation from the same bitmap will notice the bitmap buffer is already loaded and tries to allocate from the bitmap with mixed results (depending on the exact nature of the bitmap corruption). Fix the problem by using BH_verified bit to indicate whether the bitmap is valid or not.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://cert-portal.siemens.com/productcert/html/ssa-265688.html siemens-SADP
https://git.kernel.org/stable/c/2199e157a465aaf98294d3932797ecd7fce942d5 kernel.org Patch 
https://git.kernel.org/stable/c/271cab2ca00652bc984e269cf1208699a1e09cdd kernel.org Patch 
https://git.kernel.org/stable/c/57053b3bcf3403b80db6f65aba284d7dfe7326af kernel.org Patch 
https://git.kernel.org/stable/c/6a43e3c210df6c5f00570f4be49a897677dbcb64 kernel.org Patch 
https://git.kernel.org/stable/c/8ca170c39eca7cad6e0cfeb24e351d8f8eddcd65 kernel.org Patch 
https://git.kernel.org/stable/c/a90d4471146de21745980cba51ce88e7926bcc4f kernel.org Patch 
https://git.kernel.org/stable/c/cae9e59cc41683408b70b9ab569f8654866ba914 kernel.org Patch 
https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html CVE
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html CVE

Weakness Enumeration

CWE-ID CWE Name Source
NVD-CWE-noinfo Insufficient Information cwe source acceptance level NIST  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

5 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2024-42306
NVD Published Date:
08/17/2024
NVD Last Modified:
05/12/2026
Source:
kernel.org