CVE-2024-47726

medium

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait dio completion It should wait all existing dio write IOs before block removal, otherwise, previous direct write IO may overwrite data in the block which may be reused by other inode.

References

https://git.kernel.org/stable/c/f81302decd64245bb1bd154ecae0f65a9ee21f04

https://git.kernel.org/stable/c/e3db757ff9b7101ae68650ac5f6dd5743b68164e

https://git.kernel.org/stable/c/c2a7fc514637f640ff55c3f3e3ed879970814a3f

https://git.kernel.org/stable/c/96cfeb0389530ae32ade8a48ae3ae1ac3b6c009d

https://git.kernel.org/stable/c/7be13b73409b553d9d9a6cbb042b4d19e2631cc7

https://git.kernel.org/stable/c/3aa5254d80969cb576601fb9fec7a188cc8dc169

Details

Source: Mitre, NVD

Published: 2024-10-21

Updated: 2025-03-13

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:C/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Severity: Medium

EPSS

EPSS: 0.00174