{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2024-42273", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-30T07:40:12.260Z", "datePublished": "2024-08-17T08:54:27.422Z", "dateUpdated": "2026-05-23T15:52:34.587Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-23T15:52:34.587Z" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: assign CURSEG_ALL_DATA_ATGC if blkaddr is valid\n\nmkdir /mnt/test/comp\nf2fs_io setflags compression /mnt/test/comp\ndd if=/dev/zero of=/mnt/test/comp/testfile bs=16k count=1\ntruncate --size 13 /mnt/test/comp/testfile\n\nIn the above scenario, we can get a BUG_ON.\n kernel BUG at fs/f2fs/segment.c:3589!\n Call Trace:\n do_write_page+0x78/0x390 [f2fs]\n f2fs_outplace_write_data+0x62/0xb0 [f2fs]\n f2fs_do_write_data_page+0x275/0x740 [f2fs]\n f2fs_write_single_data_page+0x1dc/0x8f0 [f2fs]\n f2fs_write_multi_pages+0x1e5/0xae0 [f2fs]\n f2fs_write_cache_pages+0xab1/0xc60 [f2fs]\n f2fs_write_data_pages+0x2d8/0x330 [f2fs]\n do_writepages+0xcf/0x270\n __writeback_single_inode+0x44/0x350\n writeback_sb_inodes+0x242/0x530\n __writeback_inodes_wb+0x54/0xf0\n wb_writeback+0x192/0x310\n wb_workfn+0x30d/0x400\n\nThe reason is we gave CURSEG_ALL_DATA_ATGC to COMPR_ADDR where the\npage was set the gcing flag by set_cluster_dirty()." } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "fs/f2fs/segment.c" ], "versions": [ { "version": "7c972c89457511007dfc933814c06786905e515c", "lessThan": "5fd057160ab240dd816ae09b625395d54c297de1", "status": "affected", "versionType": "git" }, { "version": "417b8a91f4e8831cadaf85c3f15c6991c1f54dde", "lessThan": "4239571c5db46a42f723b8fa8394039187c34439", "status": "affected", "versionType": "git" }, { "version": "4961acdd65c956e97c1a000c82d91a8c1cdbe44b", "lessThan": "0cd106612396656d6f1ca17ef192c6759bb60791", "status": "affected", "versionType": "git" }, { "version": "4961acdd65c956e97c1a000c82d91a8c1cdbe44b", "lessThan": "8cb1f4080dd91c6e6b01dbea013a3f42341cb6a1", "status": "affected", "versionType": "git" }, { "version": "7ea0f29d9fd84905051be020c0df7d557e286136", "status": "affected", "versionType": "git" }, { "version": "b8094c0f1aae329b1c60a275a780d6c2c9ff7aa3", "status": "affected", "versionType": "git" }, { "version": "6.1.77", "lessThan": "6.1.104", "status": "affected", "versionType": "semver" }, { "version": "6.6.16", "lessThan": "6.6.45", "status": "affected", "versionType": "semver" }, { "version": "5.15.149", "lessThan": "5.16", "status": "affected", "versionType": "semver" }, { "version": "6.7.4", "lessThan": "6.8", "status": "affected", "versionType": "semver" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "fs/f2fs/segment.c" ], "versions": [ { "version": "6.8", "status": "affected" }, { "version": "0", "lessThan": "6.8", "status": "unaffected", "versionType": "semver" }, { "version": "6.1.104", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.6.45", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.10.4", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.11", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "cpeApplicability": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.77", "versionEndExcluding": "6.1.104" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6.16", "versionEndExcluding": "6.6.45" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.10.4" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.11" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.149" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7.4" } ] } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/5fd057160ab240dd816ae09b625395d54c297de1" }, { "url": "https://git.kernel.org/stable/c/4239571c5db46a42f723b8fa8394039187c34439" }, { "url": "https://git.kernel.org/stable/c/0cd106612396656d6f1ca17ef192c6759bb60791" }, { "url": "https://git.kernel.org/stable/c/8cb1f4080dd91c6e6b01dbea013a3f42341cb6a1" } ], "title": "f2fs: assign CURSEG_ALL_DATA_ATGC if blkaddr is valid", "x_generator": { "engine": "bippy-1.2.0" } }, "adp": [ { "metrics": [ { "other": { "type": "ssvc", "content": { "id": "CVE-2024-42273", "role": "CISA Coordinator", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "version": "2.0.3", "timestamp": "2024-09-10T16:12:04.954171Z" } } } ], "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T17:33:32.172Z" } }, { "title": "CVE Program Container", "references": [ { "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html" } ], "providerMetadata": { "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T22:03:11.549Z" } } ] } }