This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
History

Thu, 19 Dec 2024 16:30:00 +0000


Thu, 19 Dec 2024 16:15:00 +0000

Type Values Removed Values Added
Title afs: Fix endless loop in directory parsing kernel: afs: Fix endless loop in directory parsing
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 19 Dec 2024 15:30:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: afs: Fix endless loop in directory parsing If a directory has a block with only ".__afsXXXX" files in it (from uncompleted silly-rename), these .__afsXXXX files are skipped but without advancing the file position in the dir_context. This leads to afs_dir_iterate() repeating the block again and again. Fix this by making the code that skips the .__afsXXXX file also manually advance the file position. The symptoms are a soft lookup: watchdog: BUG: soft lockup - CPU#3 stuck for 52s! [check:5737] ... RIP: 0010:afs_dir_iterate_block+0x39/0x1fd ... ? watchdog_timer_fn+0x1a6/0x213 ... ? asm_sysvec_apic_timer_interrupt+0x16/0x20 ? afs_dir_iterate_block+0x39/0x1fd afs_dir_iterate+0x10a/0x148 afs_readdir+0x30/0x4a iterate_dir+0x93/0xd3 __do_sys_getdents64+0x6b/0xd4 This is almost certainly the actual fix for: https://bugzilla.kernel.org/show_bug.cgi?id=218496 This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Fri, 22 Nov 2024 12:00:00 +0000

Type Values Removed Values Added
References

Tue, 05 Nov 2024 10:45:00 +0000

Type Values Removed Values Added
References

Wed, 11 Sep 2024 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: REJECTED

Assigner: Linux

Published: 2024-04-17T10:14:19.546Z

Updated: 2024-12-19T15:16:32.263Z

Reserved: 2024-02-19T14:20:24.182Z

Link: CVE-2024-26848

cve-icon Vulnrichment

Updated:

cve-icon NVD

Status : Rejected

Published: 2024-04-17T11:15:08.323

Modified: 2024-12-19T16:15:07.703

Link: CVE-2024-26848

cve-icon Redhat

Severity : Low

Publid Date: 2024-04-17T00:00:00Z

Links: CVE-2024-26848 - Bugzilla