Bug 2339126 (CVE-2024-57940) - CVE-2024-57940 kernel: exfat: fix the infinite loop in exfat_readdir()
Summary: CVE-2024-57940 kernel: exfat: fix the infinite loop in exfat_readdir()
Keywords:
Status: NEW
Alias: CVE-2024-57940
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-01-21 13:01 UTC by OSIDB Bzimport
Modified: 2025-05-13 08:39 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2025:6966 0 None None None 2025-05-13 08:39:00 UTC

Description OSIDB Bzimport 2025-01-21 13:01:53 UTC 
In the Linux kernel, the following vulnerability has been resolved:

exfat: fix the infinite loop in exfat_readdir()

If the file system is corrupted so that a cluster is linked to
itself in the cluster chain, and there is an unused directory
entry in the cluster, 'dentry' will not be incremented, causing
condition 'dentry < max_dentries' unable to prevent an infinite
loop.

This infinite loop causes s_lock not to be released, and other
tasks will hang, such as exfat_sync_fs().

This commit stops traversing the cluster chain when there is unused
directory entry in the cluster to avoid this infinite loop.
Comment 1 Robb Gatica 2025-01-21 17:18:51 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025012128-CVE-2024-57940-e289@gregkh/T
Comment 3 errata-xmlrpc 2025-05-13 08:38:59 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:6966 https://access.redhat.com/errata/RHSA-2025:6966
Note You need to log in before you can comment on or make changes to this bug.