CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-47726: f2fs: fix to wait dio completion

Description

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to wait dio completion

It should wait all existing dio write IOs before block removal,
otherwise, previous direct write IO may overwrite data in the
block which may be reused by other inode.

Classification

CVE ID: CVE-2024-47726

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 24.43% (scored less or equal to compared to others)

EPSS Date: 2025-02-07 (when was this score calculated)

References

https://git.kernel.org/stable/c/c2a7fc514637f640ff55c3f3e3ed879970814a3f
https://git.kernel.org/stable/c/e3db757ff9b7101ae68650ac5f6dd5743b68164e
https://git.kernel.org/stable/c/96cfeb0389530ae32ade8a48ae3ae1ac3b6c009d

Timeline

2025-01-10 00:30:52 UTC
CVE

f2fs: fix to wait dio completion