CVE-2024-26772

ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating blocks from the group with a corrupted block bitmap.

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.01%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43 patch
https://git.kernel.org/stable/c/6b92b1bc16d691c95b152c6dbf027ad64315668d patch
https://git.kernel.org/stable/c/ffeb72a80a82aba59a6774b0611f792e0ed3b0b7 patch
https://git.kernel.org/stable/c/8de8305a25bfda607fc13475ebe84b978c96d7ff patch
https://git.kernel.org/stable/c/d639102f4cbd4cb65d1225dba3b9265596aab586 patch
https://git.kernel.org/stable/c/d3bbe77a76bc52e9d4d0a120f1509be36e25c916 patch
https://git.kernel.org/stable/c/21dbe20589c7f48e9c5d336ce6402bcebfa6d76a patch
https://git.kernel.org/stable/c/832698373a25950942c04a512daa652c18a9b513 patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html mailing list
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html mailing list

Frequently Asked Questions

What is the severity of CVE-2024-26772?
CVE-2024-26772 has been scored as a medium severity vulnerability.
How to fix CVE-2024-26772?
To fix CVE-2024-26772, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-26772 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-26772 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-26772?
CVE-2024-26772 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.