{"vulnerability": "CVE-2024-57895", "sightings": [{"uuid": "82e7f7ce-b731-45cd-a6aa-6064310b7b6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57895", "type": "seen", "source": "https://t.me/cvedetector/15451", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57895 - Linux kernel: Ksmbd Attribute Ctime Flag Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57895 \nPublished : Jan. 15, 2025, 1:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nksmbd: set ATTR_CTIME flags when setting mtime  \n  \nDavid reported that the new warning from setattr_copy_mgtime is coming  \nlike the following.  \n  \n[  113.215316] ------------[ cut here ]------------  \n[  113.215974] WARNING: CPU: 1 PID: 31 at fs/attr.c:300 setattr_copy+0x1ee/0x200  \n[  113.219192] CPU: 1 UID: 0 PID: 31 Comm: kworker/1:1 Not tainted 6.13.0-rc1+ #234  \n[  113.220127] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014  \n[  113.221530] Workqueue: ksmbd-io handle_ksmbd_work [ksmbd]  \n[  113.222220] RIP: 0010:setattr_copy+0x1ee/0x200  \n[  113.222833] Code: 24 28 49 8b 44 24 30 48 89 53 58 89 43 6c 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 48 89 df e8 77 d6 ff ff e9 cd fe ff ff &lt;0f0b e9 be fe ff ff 66 0  \n[  113.225110] RSP: 0018:ffffaf218010fb68 EFLAGS: 00010202  \n[  113.225765] RAX: 0000000000000120 RBX: ffffa446815f8568 RCX: 0000000000000003  \n[  113.226667] RDX: ffffaf218010fd38 RSI: ffffa446815f8568 RDI: ffffffff94eb03a0  \n[  113.227531] RBP: ffffaf218010fb90 R08: 0000001a251e217d R09: 00000000675259fa  \n[  113.228426] R10: 0000000002ba8a6d R11: ffffa4468196c7a8 R12: ffffaf218010fd38  \n[  113.229304] R13: 0000000000000120 R14: ffffffff94eb03a0 R15: 0000000000000000  \n[  113.230210] FS:  0000000000000000(0000) GS:ffffa44739d00000(0000) knlGS:0000000000000000  \n[  113.231215] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033  \n[  113.232055] CR2: 00007efe0053d27e CR3: 000000000331a000 CR4: 00000000000006b0  \n[  113.232926] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000  \n[  113.233812] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400  \n[  113.234797] Call Trace:  \n[  113.235116]    \n[  113.235393]  ? __warn+0x73/0xd0  \n[  113.235802]  ? setattr_copy+0x1ee/0x200  \n[  113.236299]  ? report_bug+0xf3/0x1e0  \n[  113.236757]  ? handle_bug+0x4d/0x90  \n[  113.237202]  ? exc_invalid_op+0x13/0x60  \n[  113.237689]  ? asm_exc_invalid_op+0x16/0x20  \n[  113.238185]  ? setattr_copy+0x1ee/0x200  \n[  113.238692]  btrfs_setattr+0x80/0x820 [btrfs]  \n[  113.239285]  ? get_stack_info_noinstr+0x12/0xf0  \n[  113.239857]  ? __module_address+0x22/0xa0  \n[  113.240368]  ? handle_ksmbd_work+0x6e/0x460 [ksmbd]  \n[  113.240993]  ? __module_text_address+0x9/0x50  \n[  113.241545]  ? __module_address+0x22/0xa0  \n[  113.242033]  ? unwind_next_frame+0x10e/0x920  \n[  113.242600]  ? __pfx_stack_trace_consume_entry+0x10/0x10  \n[  113.243268]  notify_change+0x2c2/0x4e0  \n[  113.243746]  ? stack_depot_save_flags+0x27/0x730  \n[  113.244339]  ? set_file_basic_info+0x130/0x2b0 [ksmbd]  \n[  113.244993]  set_file_basic_info+0x130/0x2b0 [ksmbd]  \n[  113.245613]  ? process_scheduled_works+0xbe/0x310  \n[  113.246181]  ? worker_thread+0x100/0x240  \n[  113.246696]  ? kthread+0xc8/0x100  \n[  113.247126]  ? ret_from_fork+0x2b/0x40  \n[  113.247606]  ? ret_from_fork_asm+0x1a/0x30  \n[  113.248132]  smb2_set_info+0x63f/0xa70 [ksmbd]  \n  \nksmbd is trying to set the atime and mtime via notify_change without also  \nsetting the ctime. so This patch add ATTR_CTIME flags when setting mtime  \nto avoid a warning. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-15T15:06:55.000000Z"}, {"uuid": "41365a31-cedf-4d1d-9d20-128827e43997", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-57895", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "ae64af90-d8f5-410c-85e2-d38fc896dc49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57895", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0291/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "d3bc162f-70db-4ae3-b605-c861700e2b8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57895", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260316", "content": "", "creation_timestamp": "2026-03-16T03:00:00.000000Z"}, {"uuid": "10734c51-364e-466a-9cde-38d22b7a7eb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57895", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfrtz4fwlw2r", "content": "", "creation_timestamp": "2025-01-15T13:17:01.139551Z"}]}