CVE-2024-50218

UNKNOWN 0.0

ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow Syzbot reported a kernel BUG in ocfs2_truncate_inline. There are two reasons for this: first, the parameter value passed is greater than ocfs2_max_inline_data_with_xattr, second, the start and end parameters of ocfs2_truncate_inline are "unsigned int". So, we need to add a sanity check for byte_start and byte_len right before ocfs2_truncate_inline() in ocfs2_remove_inode_range(), if they are greater than ocfs2_max_inline_data_with_xattr return -EINVAL.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Nov 9, 2024
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

1afc32b952335f665327a1a9001ba1b44bb76fd9 < 27d95867bee806cdc448d122bd99f1d8b0544035 1afc32b952335f665327a1a9001ba1b44bb76fd9 < 95fbed8ae8c32c0977e6be1721c190d8fea23f2f 1afc32b952335f665327a1a9001ba1b44bb76fd9 < 70767689ec6ee5f05fb0a2c17d7ec1927946e486 1afc32b952335f665327a1a9001ba1b44bb76fd9 < ecd62f684386fa64f9c0cea92eea361f4e6444c2 1afc32b952335f665327a1a9001ba1b44bb76fd9 < 2fe5d62e122b040ce7fc4d31aa7fa96ae328cefc 1afc32b952335f665327a1a9001ba1b44bb76fd9 < 88f97a4b5843ce21c1286e082c02a5fb4d8eb473 1afc32b952335f665327a1a9001ba1b44bb76fd9 < 0b6b8c2055784261de3fb641c5d0d63964318e8f 1afc32b952335f665327a1a9001ba1b44bb76fd9 < bc0a2f3a73fcdac651fca64df39306d1e5ebe3b0

Linux / Linux

2.6.24

References

NVD ↗ CVE.org ↗ EPSS Data ↗