CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2024-57943: exfat: fix the new buffer was not zeroed before writing
Description
In the Linux kernel, the following vulnerability has been resolved:
exfat: fix the new buffer was not zeroed before writing
Before writing, if a buffer_head marked as new, its data must
be zeroed, otherwise uninitialized data in the page cache will
be written.
So this commit uses folio_zero_new_buffers() to zero the new
buffers before ->write_end().
Classification
CVE ID: CVE-2024-57943
Affected Products
Vendor: Linux
Product: Linux
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 11.7% (scored less or equal to compared to others)
EPSS Date: 2025-02-19 (when was this score calculated)
References
https://git.kernel.org/stable/c/942c6f91ab8d82a41650e717940b4e577173762fhttps://git.kernel.org/stable/c/98e2fb26d1a9eafe79f46d15d54e68e014d81d8c