CVE-2024-50211

LOW3.3

udf: refactor inode_bmap() to handle error

Published Nov 8, 2024

Modified 1 weeks ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

udf: refactor inode_bmap() to handle error

Refactor inode_bmap() to handle error since udf_next_aext() can return error now. On situations like ftruncate, udf_extend_file() can now detect errors and bail out early without resorting to checking for particular offsets and assuming internal behavior of these functions.

References

WEBhttps://git.kernel.org/stable/c/493447dd8336607fce426f7879e581095f6c606e WEBhttps://git.kernel.org/stable/c/b22d9a5698abf04341f8fbc30141e0673863c3a6 WEBhttps://git.kernel.org/stable/c/c226964ec786f3797ed389a16392ce4357697d24 ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2024-50211

CVSS Analysis

CVSS v3.1

3.3

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

LowA:L

3.3/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Ecosystems

Timeline

PublishedNov 8, 2024

ModifiedJan 5, 2026