Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Update log->page_{mask,bits} if log->page_size changed If an NTFS file system is mounted to another system with different PAGE_SIZE from the original system, log->page_size will change in log_replay(), but log->page_{mask,bits} don't change correspondingly. This will cause a panic because "u32 bytes = log->page_size - page_off" will get a negative value in the later read_log_page().
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.15, < 5.15.165 |
References
- https://git.kernel.org/stable/c/0484adcb5fbcadd9ba0fd4485c42630f72e97da9Patch
- https://git.kernel.org/stable/c/0a4ae2644e2a3b3b219aad9639fb2b0691d08420Patch
- https://git.kernel.org/stable/c/2cac0df3324b5e287d8020bc0708f7d2dec88a6fPatch
- https://git.kernel.org/stable/c/2fef55d8f78383c8e6d6d4c014b9597375132696Patch
- https://git.kernel.org/stable/c/b90ceffdc975502bc085ce8e79c6adeff05f9521Patch
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
FAQ
What is CVE-2024-42299?
CVE-2024-42299 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Update log->page_{mask,bits} if log->page_size changed If an NTFS file system is mounted to another system with differen...
How severe is CVE-2024-42299?
CVE-2024-42299 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-42299?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.