Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2024-40969 | Mondoo Vulnerability Intelligence

CVE-2024-40969

MEDIUM5.5

f2fs: don't set RO when shutting down f2fs

Published Jul 12, 2024

Modified 6 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

f2fs: don't set RO when shutting down f2fs

Shutdown does not check the error of thaw_super due to readonly, which causes a deadlock like below.

f2fs_ioc_shutdown(F2FS_GOING_DOWN_FULLSYNC) issue_discard_thread

bdev_freeze
freeze_super
f2fs_stop_checkpoint()
f2fs_handle_critical_error - sb_start_write
- set RO - waiting
bdev_thaw
thaw_super_locked
- return -EINVAL, if sb_rdonly()
f2fs_stop_discard_thread -> wait for kthread_stop(discard_thread);

References

WEBhttps://git.kernel.org/stable/c/1036d3ea7a32cb7cee00885c73a1f2ba7fbc499a WEBhttps://git.kernel.org/stable/c/3bdb7f161697e2d5123b89fe1778ef17a44858e7 WEBhttps://git.kernel.org/stable/c/f47ed3b284b38f235355e281f57dfa8fffcc6563 ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2024-40969

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedJul 12, 2024

ModifiedJul 11, 2025