Show plain JSON{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-40943", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-12T12:17:45.588Z", "datePublished": "2024-07-12T12:25:17.813Z", "dateUpdated": "2025-05-04T09:18:29.194Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:18:29.194Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix races between hole punching and AIO+DIO\n\nAfter commit \"ocfs2: return real error code in ocfs2_dio_wr_get_block\",\nfstests/generic/300 become from always failed to sometimes failed:\n\n========================================================================\n[ 473.293420 ] run fstests generic/300\n\n[ 475.296983 ] JBD2: Ignoring recovery information on journal\n[ 475.302473 ] ocfs2: Mounting device (253,1) on (node local, slot 0) with ordered data mode.\n[ 494.290998 ] OCFS2: ERROR (device dm-1): ocfs2_change_extent_flag: Owner 5668 has an extent at cpos 78723 which can no longer be found\n[ 494.291609 ] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.\n[ 494.292018 ] OCFS2: File system is now read-only.\n[ 494.292224 ] (kworker/19:11,2628,19):ocfs2_mark_extent_written:5272 ERROR: status = -30\n[ 494.292602 ] (kworker/19:11,2628,19):ocfs2_dio_end_io_write:2374 ERROR: status = -3\nfio: io_u error on file /mnt/scratch/racer: Read-only file system: write offset=460849152, buflen=131072\n=========================================================================\n\nIn __blockdev_direct_IO, ocfs2_dio_wr_get_block is called to add unwritten\nextents to a list. extents are also inserted into extent tree in\nocfs2_write_begin_nolock. Then another thread call fallocate to puch a\nhole at one of the unwritten extent. The extent at cpos was removed by\nocfs2_remove_extent(). At end io worker thread, ocfs2_search_extent_list\nfound there is no such extent at the cpos.\n\n T1 T2 T3\n inode lock\n ...\n insert extents\n ...\n inode unlock\nocfs2_fallocate\n __ocfs2_change_file_space\n inode lock\n lock ip_alloc_sem\n ocfs2_remove_inode_range inode\n ocfs2_remove_btree_range\n ocfs2_remove_extent\n ^---remove the extent at cpos 78723\n ...\n unlock ip_alloc_sem\n inode unlock\n ocfs2_dio_end_io\n ocfs2_dio_end_io_write\n lock ip_alloc_sem\n ocfs2_mark_extent_written\n ocfs2_change_extent_flag\n ocfs2_search_extent_list\n ^---failed to find extent\n ...\n unlock ip_alloc_sem\n\nIn most filesystems, fallocate is not compatible with racing with AIO+DIO,\nso fix it by adding to wait for all dio before fallocate/punch_hole like\next4."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/ocfs2/file.c"], "versions": [{"version": "b25801038da5823bba1b5440a57ca68afc51b6bd", "lessThan": "3c26b5d21b1239e9c7fd31ba7d9b2d7bdbaa68d9", "status": "affected", "versionType": "git"}, {"version": "b25801038da5823bba1b5440a57ca68afc51b6bd", "lessThan": "e8e2db1adac47970a6a9225f3858e9aa0e86287f", "status": "affected", "versionType": "git"}, {"version": "b25801038da5823bba1b5440a57ca68afc51b6bd", "lessThan": "050ce8af6838c71e872e982b50d3f1bec21da40e", "status": "affected", "versionType": "git"}, {"version": "b25801038da5823bba1b5440a57ca68afc51b6bd", "lessThan": "38825ff9da91d2854dcf6d9ac320a7e641e10f25", "status": "affected", "versionType": "git"}, {"version": "b25801038da5823bba1b5440a57ca68afc51b6bd", "lessThan": "ea042dc2bea19d72e37c298bf65a9c341ef3fff3", "status": "affected", "versionType": "git"}, {"version": "b25801038da5823bba1b5440a57ca68afc51b6bd", "lessThan": "3c361f313d696df72f9bccf058510e9ec737b9b1", "status": "affected", "versionType": "git"}, {"version": "b25801038da5823bba1b5440a57ca68afc51b6bd", "lessThan": "117b9c009b72a6c2ebfd23484354dfee2d9570d2", "status": "affected", "versionType": "git"}, {"version": "b25801038da5823bba1b5440a57ca68afc51b6bd", "lessThan": "952b023f06a24b2ad6ba67304c4c84d45bea2f18", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/ocfs2/file.c"], "versions": [{"version": "2.6.23", "status": "affected"}, {"version": "0", "lessThan": "2.6.23", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.317", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.279", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.221", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.162", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.95", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.35", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.6", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "4.19.317"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "5.4.279"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "5.10.221"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "5.15.162"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "6.1.95"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "6.6.35"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "6.9.6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "6.10"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/3c26b5d21b1239e9c7fd31ba7d9b2d7bdbaa68d9"}, {"url": "https://git.kernel.org/stable/c/e8e2db1adac47970a6a9225f3858e9aa0e86287f"}, {"url": "https://git.kernel.org/stable/c/050ce8af6838c71e872e982b50d3f1bec21da40e"}, {"url": "https://git.kernel.org/stable/c/38825ff9da91d2854dcf6d9ac320a7e641e10f25"}, {"url": "https://git.kernel.org/stable/c/ea042dc2bea19d72e37c298bf65a9c341ef3fff3"}, {"url": "https://git.kernel.org/stable/c/3c361f313d696df72f9bccf058510e9ec737b9b1"}, {"url": "https://git.kernel.org/stable/c/117b9c009b72a6c2ebfd23484354dfee2d9570d2"}, {"url": "https://git.kernel.org/stable/c/952b023f06a24b2ad6ba67304c4c84d45bea2f18"}], "title": "ocfs2: fix races between hole punching and AIO+DIO", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:39:55.471Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/3c26b5d21b1239e9c7fd31ba7d9b2d7bdbaa68d9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e8e2db1adac47970a6a9225f3858e9aa0e86287f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/050ce8af6838c71e872e982b50d3f1bec21da40e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/38825ff9da91d2854dcf6d9ac320a7e641e10f25", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ea042dc2bea19d72e37c298bf65a9c341ef3fff3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3c361f313d696df72f9bccf058510e9ec737b9b1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/117b9c009b72a6c2ebfd23484354dfee2d9570d2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/952b023f06a24b2ad6ba67304c4c84d45bea2f18", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-40943", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:04:20.780555Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:25.580Z"}}]}}