CVE-2024-35948

Published: May 20, 2024Modified: Nov 18, 2025

8.4

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.5 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

In the Linux kernel, the following vulnerability has been resolved: bcachefs: Check for journal entries overruning end of sb clean section Fix a missing bounds check in superblock validation. Note that we don't yet have repair code for this case - repair code for individual items is generally low priority, since the whole superblock is checksummed, validated prior to write, and we have backups.

Affected (6)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.7 to 6.9
Linux Linux Kernel	Version 6.9 rc1
Linux Linux Kernel	Version 6.9 rc2
Linux Linux Kernel	Version 6.9 rc3
Linux Linux Kernel	Version 6.9 rc4
Linux Linux Kernel	Version 6.9 rc5

Related CWEs

CWE-400

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (2)

https://git.kernel.org/stable/c/fcdbc1d7a4b638e5d5668de461f320386f3002aa

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/fcdbc1d7a4b638e5d5668de461f320386f3002aa

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.