2360197 – (CVE-2024-58095) CVE-2024-58095 kernel: jfs: add check read-only before txBeginAnon() call

Bug 2360197 (CVE-2024-58095) - CVE-2024-58095 kernel: jfs: add check read-only before txBeginAnon() call

Summary: CVE-2024-58095 kernel: jfs: add check read-only before txBeginAnon() call

Keywords:
Status:	NEW
Alias:	CVE-2024-58095
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-04-16 15:02 UTC by OSIDB Bzimport
Modified:	2025-04-17 16:06 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-04-16 15:02:09 UTC

In the Linux kernel, the following vulnerability has been resolved:

jfs: add check read-only before txBeginAnon() call

Added a read-only check before calling `txBeginAnon` in `extAlloc`
and `extRecord`. This prevents modification attempts on a read-only
mounted filesystem, avoiding potential errors or crashes.

Call trace:
 txBeginAnon+0xac/0x154
 extAlloc+0xe8/0xdec fs/jfs/jfs_extent.c:78
 jfs_get_block+0x340/0xb98 fs/jfs/inode.c:248
 __block_write_begin_int+0x580/0x166c fs/buffer.c:2128
 __block_write_begin fs/buffer.c:2177 [inline]
 block_write_begin+0x98/0x11c fs/buffer.c:2236
 jfs_write_begin+0x44/0x88 fs/jfs/inode.c:299

Comment 1 Avinash Hanwate 2025-04-17 16:00:14 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025041653-CVE-2024-58095-9a41@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.