CVE-2024-50116

nilfs2: fix kernel bug due to missing clearing of buffer delay flag

Description

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of buffer delay flag Syzbot reported that after nilfs2 reads a corrupted file system image and degrades to read-only, the BUG_ON check for the buffer delay flag in submit_bh_wbc() may fail, causing a kernel bug. This is because the buffer delay flag is not cleared when clearing the buffer state flags to discard a page/folio or a buffer head. So, fix this. This became necessary when the use of nilfs2's own page clear routine was expanded. This state inconsistency does not occur if the buffer is written normally by log writing.

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/033bc52f35868c2493a2d95c56ece7fc155d7cb3 patch
https://git.kernel.org/stable/c/412a30b1b28d6073ba29c46a2b0f324c5936293f patch
https://git.kernel.org/stable/c/9f2ab98371c2f2488bf3bf3f9b2a73510545e9c1 patch
https://git.kernel.org/stable/c/822203f6355f4b322d21e7115419f6b98284be25 patch
https://git.kernel.org/stable/c/27524f65621f490184f2ace44cd8e5f3685af4a3 patch
https://git.kernel.org/stable/c/743c78d455e784097011ea958b27396001181567 patch
https://git.kernel.org/stable/c/c6f58ff2d4c552927fe9a187774e668ebba6c7aa patch
https://git.kernel.org/stable/c/6ed469df0bfbef3e4b44fca954a781919db9f7ab patch

Frequently Asked Questions

What is the severity of CVE-2024-50116?
CVE-2024-50116 has been scored as a medium severity vulnerability.
How to fix CVE-2024-50116?
To fix CVE-2024-50116, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-50116 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-50116 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-50116?
CVE-2024-50116 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.