CVE-2024-46801
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-46801
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-46801.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-46801
- Downstream
- Published
- 2024-09-18T07:12:55Z
- Modified
- 2025-10-22T02:37:35.412470Z
- Summary
- libfs: fix get_stashed_dentry()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
libfs: fix getstasheddentry()
getstasheddentry() tries to optimistically retrieve a stashed dentry from a provided location. It needs to ensure to hold rcu lock before it dereference the stashed location to prevent UAF issues. Use rcudereference() instead of READONCE() it's effectively equivalent with some lockdep bells and whistles and it communicates clearly that this expects rcu protection.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced07fd7c329839cf0b8c7766883d830a1a0d12d1ddFixed03e2a1209a83a380df34a72f7d6d1bc6c74132c7
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced07fd7c329839cf0b8c7766883d830a1a0d12d1ddFixed4e32c25b58b945f976435bbe51f39b32d714052e
Affected versions
v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.10.1
v6.10.2
v6.10.3
v6.10.4
v6.10.5
v6.10.6
v6.10.7
v6.10.8
v6.10.9
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.8
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7