Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2024-53155

Disclosure Date: December 24, 2024 •

CVE-2024-53155 CVSS v3 Base Score: 7.1

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

In the Linux kernel, the following vulnerability has been resolved:

ocfs2: fix uninitialized value in ocfs2_file_read_iter()

Syzbot has reported the following KMSAN splat:

BUG: KMSAN: uninit-value in ocfs2_file_read_iter+0x9a4/0xf80
ocfs2_file_read_iter+0x9a4/0xf80
__io_read+0x8d4/0x20f0
io_read+0x3e/0xf0
io_issue_sqe+0x42b/0x22c0
io_wq_submit_work+0xaf9/0xdc0
io_worker_handle_work+0xd13/0x2110
io_wq_worker+0x447/0x1410
ret_from_fork+0x6f/0x90
ret_from_fork_asm+0x1a/0x30

Uninit was created at:
__alloc_pages_noprof+0x9a7/0xe00
alloc_pages_mpol_noprof+0x299/0x990
alloc_pages_noprof+0x1bf/0x1e0
allocate_slab+0x33a/0x1250
___slab_alloc+0x12ef/0x35e0
kmem_cache_alloc_bulk_noprof+0x486/0x1330
__io_alloc_req_refill+0x84/0x560
io_submit_sqes+0x172f/0x2f30
__se_sys_io_uring_enter+0x406/0x41c0
__x64_sys_io_uring_enter+0x11f/0x1a0
x64_sys_call+0x2b54/0x3ba0
do_syscall_64+0xcd/0x1e0
entry_SYSCALL_64_after_hwframe+0x77/0x7f

Since an instance of ‘struct kiocb’ may be passed from the block layer
with ‘private’ field uninitialized, introduce ‘ocfs2_iocb_init_rw_locked()’
and use it from where ‘ocfs2_dio_end_io()’ might take care, i.e. in
‘ocfs2_file_read_iter()’ and ‘ocfs2_file_write_iter()’.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

7.1 High

Impact Score:

5.2

Exploitability Score:

1.8

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Attack Vector (AV):

Local

Attack Complexity (AC):

Low

Privileges Required (PR):

Low

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

None

Availability (A):

High

References

Canonical

CVE-2024-53155 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53155)

Miscellaneous

https://git.kernel.org/stable/c/6c8f8d1e595dabd5389817f6d798cc8bd95c40ab

https://git.kernel.org/stable/c/f4078ef38d3163e6be47403a619558b19c4bfccd

https://git.kernel.org/stable/c/66b7ddd1804e2c4216dd7ead8eeb746cdbb3b62f

https://git.kernel.org/stable/c/8c966150d5abff58c3c2bdb9a6e63fd773782905

https://git.kernel.org/stable/c/83f8713a0ef1d55d6a287bcfadcaab8245ac5098

https://git.kernel.org/stable/c/8e0de82ed18ba0e71f817adbd81317fd1032ca5a

https://git.kernel.org/stable/c/366c933c2ab34dd6551acc03b4872726b7605143

https://git.kernel.org/stable/c/dc78efe556fed162d48736ef24066f42e463e27c

https://git.kernel.org/stable/c/adc77b19f62d7e80f98400b2fca9d700d2afdd6f

Rapid7

Unknown

CVE-2024-53155

Unknown

Unknown

None

Low

Local

CVE-2024-53155

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

Weaknesses

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2024-53155

Unknown

Unknown

None

Low

Local

CVE-2024-53155

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

Weaknesses

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification