Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2024-56570

Published: January 2, 2025Last modified: January 2, 2025

Description

In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovl_dentry_weird() function to prevent the processing of directory inodes that lack the lookup function. This is important because such inodes can cause errors in overlayfs when passed to the lowerstack.

Severity score breakdown

ParameterValue
Base score7.8
Attack VectorLOCAL
Attack complexityLOW
Privileges requiredLOW
User interactionNONE
ScopeUNCHANGED
ConfidentialityHIGH
Integrity impactHIGH
Availability impactHIGH
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSlinux-ltsFixed (6.1.120-r0)
25 LTSlinux-ltsFixed (6.12.41-r0)
Streamlinux-ltsFixed (6.12.41-r0)

References

ON THIS PAGE