Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:ext4: fix timer use-after-free on failed mountSyzbot has found an ODEBUG bug in ext4_fill_superThe del_timer_sync function cancels the s_err_report timer,which reminds about filesystem errors daily. We shouldguarantee the timer is no longer active before kfree(sbi).When filesystem mounting fails, the flow goes to failed_mount3,where an error occurs when ext4_stop_mmpd is called, causinga read I/O failure. This triggers the ext4_handle_error functionthat ultimately re-arms the timer,leaving the s_err_report timer active before kfree(sbi) is called.Fix the issue by canceling the s_err_report timer after calling ext4_stop_mmpd.
No PoCs from references.
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/Fayzak/llm-analyze-know-vulnerabilities-open-source
- https://github.com/YariKar/llm-analyse-known-open-source-vulnerabilities
- https://github.com/w4zu/Debian_security