Release Date: | 2024-10-21 | |
Impact: | Moderate | What is this? |
In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate() Fuzzing reports a possible deadlock in jbd2_log_wait_commit. This issue is triggered when an EXT4_IOC_MIGRATE ioctl is set to require synchronous updates because the file descriptor is opened with O_SYNC. This can lead to the jbd2_journal_stop() function calling jbd2_might_wait_for_commit(), potentially causing a deadlock if the EXT4_IOC_MIGRATE call races with a write(2) system call. This problem only arises when CONFIG_PROVE_LOCKING is enabled. In this case, the jbd2_might_wait_for_commit macro locks jbd2_handle in the jbd2_journal_stop function while i_data_sem is locked. This triggers lockdep because the jbd2_journal_start function might also lock the same jbd2_handle simultaneously. Found by Linux Verification Center (linuxtesting.org) with syzkaller. Rule: add
See more information about CVE-2024-50006 from MITRE CVE dictionary and NIST NVD
NOTE: The following CVSS metrics and score provided are preliminary and subject to review.
Base Score: | 4.7 |
Vector String: | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
Version: | 3.1 |
Attack Vector: | Local |
Attack Complexity: | High |
Privileges Required: | Low |
User Interaction: | None |
Scope: | Unchanged |
Confidentiality Impact: | None |
Integrity Impact: | None |
Availability Impact: | High |
Platform | Errata | Release Date |
Oracle Linux version 7 (kernel-uek) | ELSA-2024-12884 | 2024-12-16 |
Oracle Linux version 8 (kernel-uek) | ELSA-2024-12884 | 2024-12-16 |
Oracle Linux version 8 (kernel-uek) | ELSA-2024-12887 | 2024-12-18 |
Oracle Linux version 9 (kernel) | ELSA-2025-6966 | 2025-05-16 |
Oracle Linux version 9 (kernel-uek) | ELSA-2024-12887 | 2024-12-18 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections: