CVE-2024-26772 (GCVE-0-2024-26772)

Vulnerability from cvelistv5 – Published: 2024-04-03 17:00 – Updated: 2026-05-11 20:03
VLAI
Title
ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()
Summary
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating blocks from the group with a corrupted block bitmap.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
Impacted products
Vendor Product Version
Linux Linux Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43 (git)
Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 6b92b1bc16d691c95b152c6dbf027ad64315668d (git)
Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < ffeb72a80a82aba59a6774b0611f792e0ed3b0b7 (git)
Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 8de8305a25bfda607fc13475ebe84b978c96d7ff (git)
Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < d639102f4cbd4cb65d1225dba3b9265596aab586 (git)
Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < d3bbe77a76bc52e9d4d0a120f1509be36e25c916 (git)
Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 21dbe20589c7f48e9c5d336ce6402bcebfa6d76a (git)
Affected: 163a203ddb36c36d4a1c942aececda0cc8d06aa7 , < 832698373a25950942c04a512daa652c18a9b513 (git)
Create a notification for this product.
Linux Linux Affected: 3.12
Unaffected: 0 , < 3.12 (semver)
Unaffected: 4.19.308 , ≤ 4.19.* (semver)
Unaffected: 5.4.270 , ≤ 5.4.* (semver)
Unaffected: 5.10.211 , ≤ 5.10.* (semver)
Unaffected: 5.15.150 , ≤ 5.15.* (semver)
Unaffected: 6.1.80 , ≤ 6.1.* (semver)
Unaffected: 6.6.19 , ≤ 6.6.* (semver)
Unaffected: 6.7.7 , ≤ 6.7.* (semver)
Unaffected: 6.8 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-26772",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-03T19:16:02.816411Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-01T15:30:43.236Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:14:13.428Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6b92b1bc16d691c95b152c6dbf027ad64315668d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ffeb72a80a82aba59a6774b0611f792e0ed3b0b7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8de8305a25bfda607fc13475ebe84b978c96d7ff"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d639102f4cbd4cb65d1225dba3b9265596aab586"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d3bbe77a76bc52e9d4d0a120f1509be36e25c916"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/21dbe20589c7f48e9c5d336ce6402bcebfa6d76a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/832698373a25950942c04a512daa652c18a9b513"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/mballoc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43",
              "status": "affected",
              "version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
              "versionType": "git"
            },
            {
              "lessThan": "6b92b1bc16d691c95b152c6dbf027ad64315668d",
              "status": "affected",
              "version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
              "versionType": "git"
            },
            {
              "lessThan": "ffeb72a80a82aba59a6774b0611f792e0ed3b0b7",
              "status": "affected",
              "version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
              "versionType": "git"
            },
            {
              "lessThan": "8de8305a25bfda607fc13475ebe84b978c96d7ff",
              "status": "affected",
              "version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
              "versionType": "git"
            },
            {
              "lessThan": "d639102f4cbd4cb65d1225dba3b9265596aab586",
              "status": "affected",
              "version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
              "versionType": "git"
            },
            {
              "lessThan": "d3bbe77a76bc52e9d4d0a120f1509be36e25c916",
              "status": "affected",
              "version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
              "versionType": "git"
            },
            {
              "lessThan": "21dbe20589c7f48e9c5d336ce6402bcebfa6d76a",
              "status": "affected",
              "version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
              "versionType": "git"
            },
            {
              "lessThan": "832698373a25950942c04a512daa652c18a9b513",
              "status": "affected",
              "version": "163a203ddb36c36d4a1c942aececda0cc8d06aa7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/mballoc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.12"
            },
            {
              "lessThan": "3.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.308",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.270",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.211",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.150",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.80",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.19",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.308",
                  "versionStartIncluding": "3.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.270",
                  "versionStartIncluding": "3.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.211",
                  "versionStartIncluding": "3.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.150",
                  "versionStartIncluding": "3.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.80",
                  "versionStartIncluding": "3.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.19",
                  "versionStartIncluding": "3.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.7",
                  "versionStartIncluding": "3.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8",
                  "versionStartIncluding": "3.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\n\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\nthe protection of the group lock to avoid allocating blocks from the group\nwith a corrupted block bitmap."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T20:03:52.628Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43"
        },
        {
          "url": "https://git.kernel.org/stable/c/6b92b1bc16d691c95b152c6dbf027ad64315668d"
        },
        {
          "url": "https://git.kernel.org/stable/c/ffeb72a80a82aba59a6774b0611f792e0ed3b0b7"
        },
        {
          "url": "https://git.kernel.org/stable/c/8de8305a25bfda607fc13475ebe84b978c96d7ff"
        },
        {
          "url": "https://git.kernel.org/stable/c/d639102f4cbd4cb65d1225dba3b9265596aab586"
        },
        {
          "url": "https://git.kernel.org/stable/c/d3bbe77a76bc52e9d4d0a120f1509be36e25c916"
        },
        {
          "url": "https://git.kernel.org/stable/c/21dbe20589c7f48e9c5d336ce6402bcebfa6d76a"
        },
        {
          "url": "https://git.kernel.org/stable/c/832698373a25950942c04a512daa652c18a9b513"
        }
      ],
      "title": "ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-26772",
    "datePublished": "2024-04-03T17:00:58.733Z",
    "dateReserved": "2024-02-19T14:20:24.176Z",
    "dateUpdated": "2026-05-11T20:03:52.628Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-26772",
      "date": "2026-06-30",
      "epss": "0.00255",
      "percentile": "0.16703"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-26772\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-04-03T17:15:53.023\",\"lastModified\":\"2026-06-17T07:18:18.320\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\\n\\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\\nthe protection of the group lock to avoid allocating blocks from the group\\nwith a corrupted block bitmap.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: evita asignar bloques del grupo corrupto en ext4_mb_find_by_goal() Coloca la l\u00f3gica para verificar si el mapa de bits del bloque del grupo est\u00e1 corrupto bajo la protecci\u00f3n del bloqueo del grupo para evitar la asignaci\u00f3n de bloques del grupo con un mapa de bits de bloque da\u00f1ado.\"}],\"affected\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"affectedData\":[{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"unaffected\",\"programFiles\":[\"fs/ext4/mballoc.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"163a203ddb36c36d4a1c942aececda0cc8d06aa7\",\"lessThan\":\"5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"163a203ddb36c36d4a1c942aececda0cc8d06aa7\",\"lessThan\":\"6b92b1bc16d691c95b152c6dbf027ad64315668d\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"163a203ddb36c36d4a1c942aececda0cc8d06aa7\",\"lessThan\":\"ffeb72a80a82aba59a6774b0611f792e0ed3b0b7\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"163a203ddb36c36d4a1c942aececda0cc8d06aa7\",\"lessThan\":\"8de8305a25bfda607fc13475ebe84b978c96d7ff\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"163a203ddb36c36d4a1c942aececda0cc8d06aa7\",\"lessThan\":\"d639102f4cbd4cb65d1225dba3b9265596aab586\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"163a203ddb36c36d4a1c942aececda0cc8d06aa7\",\"lessThan\":\"d3bbe77a76bc52e9d4d0a120f1509be36e25c916\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"163a203ddb36c36d4a1c942aececda0cc8d06aa7\",\"lessThan\":\"21dbe20589c7f48e9c5d336ce6402bcebfa6d76a\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"163a203ddb36c36d4a1c942aececda0cc8d06aa7\",\"lessThan\":\"832698373a25950942c04a512daa652c18a9b513\",\"versionType\":\"git\",\"status\":\"affected\"}]},{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"affected\",\"programFiles\":[\"fs/ext4/mballoc.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"3.12\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"3.12\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"4.19.308\",\"lessThanOrEqual\":\"4.19.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.4.270\",\"lessThanOrEqual\":\"5.4.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.10.211\",\"lessThanOrEqual\":\"5.10.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.15.150\",\"lessThanOrEqual\":\"5.15.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.1.80\",\"lessThanOrEqual\":\"6.1.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.6.19\",\"lessThanOrEqual\":\"6.6.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.7.7\",\"lessThanOrEqual\":\"6.7.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.8\",\"lessThanOrEqual\":\"*\",\"versionType\":\"original_commit_for_fix\",\"status\":\"unaffected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-04-03T19:16:02.816411Z\",\"id\":\"CVE-2024-26772\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.19.308\",\"matchCriteriaId\":\"B6FB6042-3E0F-4A36-8DED-B3C350612BDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.270\",\"matchCriteriaId\":\"5D8044B1-C7E8-44A4-9F03-A4D7BCDB1721\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.211\",\"matchCriteriaId\":\"7DDA4DCF-671D-415D-94DF-6E3C77DF0704\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.150\",\"matchCriteriaId\":\"CB6C60DE-9E0C-46C5-904D-D4F4031F8E95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.80\",\"matchCriteriaId\":\"BA7850CE-97C9-4408-A348-6173296BCA2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.19\",\"matchCriteriaId\":\"8D82004C-B2AE-4048-9344-32EFF65953B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.7.7\",\"matchCriteriaId\":\"575EE16B-67F2-4B5B-B5F8-1877715C898B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9F4EA73-0894-400F-A490-3A397AB7A517\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"056BD938-0A27-4569-B391-30578B309EE3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/21dbe20589c7f48e9c5d336ce6402bcebfa6d76a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6b92b1bc16d691c95b152c6dbf027ad64315668d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/832698373a25950942c04a512daa652c18a9b513\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8de8305a25bfda607fc13475ebe84b978c96d7ff\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d3bbe77a76bc52e9d4d0a120f1509be36e25c916\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d639102f4cbd4cb65d1225dba3b9265596aab586\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ffeb72a80a82aba59a6774b0611f792e0ed3b0b7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/21dbe20589c7f48e9c5d336ce6402bcebfa6d76a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6b92b1bc16d691c95b152c6dbf027ad64315668d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/832698373a25950942c04a512daa652c18a9b513\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8de8305a25bfda607fc13475ebe84b978c96d7ff\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d3bbe77a76bc52e9d4d0a120f1509be36e25c916\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d639102f4cbd4cb65d1225dba3b9265596aab586\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ffeb72a80a82aba59a6774b0611f792e0ed3b0b7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/6b92b1bc16d691c95b152c6dbf027ad64315668d\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/ffeb72a80a82aba59a6774b0611f792e0ed3b0b7\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/8de8305a25bfda607fc13475ebe84b978c96d7ff\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/d639102f4cbd4cb65d1225dba3b9265596aab586\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/d3bbe77a76bc52e9d4d0a120f1509be36e25c916\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/21dbe20589c7f48e9c5d336ce6402bcebfa6d76a\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/832698373a25950942c04a512daa652c18a9b513\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T00:14:13.428Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-26772\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-03T19:16:02.816411Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:21.864Z\"}}], \"cna\": {\"title\": \"ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"163a203ddb36c36d4a1c942aececda0cc8d06aa7\", \"lessThan\": \"5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"163a203ddb36c36d4a1c942aececda0cc8d06aa7\", \"lessThan\": \"6b92b1bc16d691c95b152c6dbf027ad64315668d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"163a203ddb36c36d4a1c942aececda0cc8d06aa7\", \"lessThan\": \"ffeb72a80a82aba59a6774b0611f792e0ed3b0b7\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"163a203ddb36c36d4a1c942aececda0cc8d06aa7\", \"lessThan\": \"8de8305a25bfda607fc13475ebe84b978c96d7ff\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"163a203ddb36c36d4a1c942aececda0cc8d06aa7\", \"lessThan\": \"d639102f4cbd4cb65d1225dba3b9265596aab586\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"163a203ddb36c36d4a1c942aececda0cc8d06aa7\", \"lessThan\": \"d3bbe77a76bc52e9d4d0a120f1509be36e25c916\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"163a203ddb36c36d4a1c942aececda0cc8d06aa7\", \"lessThan\": \"21dbe20589c7f48e9c5d336ce6402bcebfa6d76a\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"163a203ddb36c36d4a1c942aececda0cc8d06aa7\", \"lessThan\": \"832698373a25950942c04a512daa652c18a9b513\", \"versionType\": \"git\"}], \"programFiles\": [\"fs/ext4/mballoc.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.12\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"3.12\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"4.19.308\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.19.*\"}, {\"status\": \"unaffected\", \"version\": \"5.4.270\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.211\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.150\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.80\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.19\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.7.7\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.7.*\"}, {\"status\": \"unaffected\", \"version\": \"6.8\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"fs/ext4/mballoc.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43\"}, {\"url\": \"https://git.kernel.org/stable/c/6b92b1bc16d691c95b152c6dbf027ad64315668d\"}, {\"url\": \"https://git.kernel.org/stable/c/ffeb72a80a82aba59a6774b0611f792e0ed3b0b7\"}, {\"url\": \"https://git.kernel.org/stable/c/8de8305a25bfda607fc13475ebe84b978c96d7ff\"}, {\"url\": \"https://git.kernel.org/stable/c/d639102f4cbd4cb65d1225dba3b9265596aab586\"}, {\"url\": \"https://git.kernel.org/stable/c/d3bbe77a76bc52e9d4d0a120f1509be36e25c916\"}, {\"url\": \"https://git.kernel.org/stable/c/21dbe20589c7f48e9c5d336ce6402bcebfa6d76a\"}, {\"url\": \"https://git.kernel.org/stable/c/832698373a25950942c04a512daa652c18a9b513\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\\n\\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\\nthe protection of the group lock to avoid allocating blocks from the group\\nwith a corrupted block bitmap.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.19.308\", \"versionStartIncluding\": \"3.12\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.4.270\", \"versionStartIncluding\": \"3.12\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.211\", \"versionStartIncluding\": \"3.12\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.150\", \"versionStartIncluding\": \"3.12\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.80\", \"versionStartIncluding\": \"3.12\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.19\", \"versionStartIncluding\": \"3.12\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.7.7\", \"versionStartIncluding\": \"3.12\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.8\", \"versionStartIncluding\": \"3.12\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-05-11T20:03:52.628Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-26772\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-11T20:03:52.628Z\", \"dateReserved\": \"2024-02-19T14:20:24.176Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-04-03T17:00:58.733Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…