CVE-2024-42160

f2fs: check validation of fault attrs in f2fs_build_fault_attr()

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fs_build_fault_attr() - It missed to check validation of fault attrs in parse_options(), let's fix to add check condition in f2fs_build_fault_attr(). - Use f2fs_build_fault_attr() in __sbi_store() to clean up code.

Category

7.8
CVSS
Severity: High
CVSS 3.1 •
EPSS 0.04%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/6e5b601706ce05d94338cad598736d96bb8096c8
https://git.kernel.org/stable/c/bc84dd2c33e0c10fd90d60f0cfc0bfb504d4692d patch
https://git.kernel.org/stable/c/44958ca9e400f57bd0478115519ffc350fcee61e patch
https://git.kernel.org/stable/c/ecb641f424d6d1f055d149a15b892edcc92c504b patch
https://git.kernel.org/stable/c/4ed886b187f47447ad559619c48c086f432d2b77 patch

Frequently Asked Questions

What is the severity of CVE-2024-42160?
CVE-2024-42160 has been scored as a high severity vulnerability.
How to fix CVE-2024-42160?
To fix CVE-2024-42160, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-42160 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-42160 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-42160?
CVE-2024-42160 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.