SB2024062477 - Buffer overflow in Linux kernel ext4
Published: June 24, 2024 Updated: May 13, 2025
Security Bulletin ID
SB2024062477
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2021-47117)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ext4_split_extent_at() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/e33bafad30d34cfa5e9787cb099cab05e2677fcb
- https://git.kernel.org/stable/c/5b3a9a2be59478b013a430ac57b0f3d65471b071
- https://git.kernel.org/stable/c/d8116743ef5432336289256b2f7c117299213eb9
- https://git.kernel.org/stable/c/569496aa3776eea1ff0d49d0174ac1b7e861e107
- https://git.kernel.org/stable/c/920697b004e49cb026e2e15fe91be065bf0741b7
- https://git.kernel.org/stable/c/d3b668b96ad3192c0581a248ae2f596cd054792a
- https://git.kernel.org/stable/c/48105dc98c9ca35af418746277b087cb2bc6df7c
- https://git.kernel.org/stable/c/082cd4ec240b8734a82a89ffb890216ac98fec68
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.236
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.194
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.272
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.272
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.43
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.10
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.125