CVE-2024-46748: cachefiles: Set the max subreq size for cache writes to MAX_RW_COUNT

Description

In the Linux kernel, the following vulnerability has been resolved:

cachefiles: Set the max subreq size for cache writes to MAX_RW_COUNT

Set the maximum size of a subrequest that writes to cachefiles to be
MAX_RW_COUNT so that we don't overrun the maximum write we can make to the
backing filesystem.

Classification

CVE ID: CVE-2024-46748

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 12.41% (scored less or equal to compared to others)

EPSS Date: 2025-05-07 (when was this score calculated)

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: none

SSVC Technical Impact: partial

SSVC Automatable: false

References

https://nvd.nist.gov/vuln/detail/CVE-2024-46748
https://git.kernel.org/stable/c/cec226f9b1fd6cf55bc157873aec61b523083e96
https://git.kernel.org/stable/c/51d37982bbac3ea0ca21b2797a9cb0044272b3aa

Timeline

2025-05-04 10:40:18 UTC
CVE

cachefiles: Set the max subreq size for cache writes to MAX_RW_COUNT