CVE-2024-41935

f2fs: fix to shrink read extent node in batches

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to shrink read extent node in batches We use rwlock to protect core structure data of extent tree during its shrink, however, if there is a huge number of extent nodes in extent tree, during shrink of extent tree, it may hold rwlock for a very long time, which may trigger kernel hang issue. This patch fixes to shrink read extent node in batches, so that, critical region of the rwlock can be shrunk to avoid its extreme long time hold.

N/A

CVSS

Severity:

EPSS 0.04%

Affected: Linux Linux

References

Link	Tags
https://git.kernel.org/stable/c/295b50e95e900da31ff237e46e04525fa799b2cf
https://git.kernel.org/stable/c/924f7dd1e832e4e4530d14711db223d2803f7b61
https://git.kernel.org/stable/c/3fc5d5a182f6a1f8bd4dc775feb54c369dd2c343

Frequently Asked Questions

What is the severity of CVE-2024-41935?: CVE-2024-41935 has not yet been assigned a CVSS score.
How to fix CVE-2024-41935?: To fix CVE-2024-41935, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-41935 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-41935 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-41935?: CVE-2024-41935 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.