CVE - CVE-2024-35821

CVE-ID
CVE-2024-35821	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: ubifs: Set page uptodate in the correct place Page cache reads are lockless, so setting the freshly allocated page uptodate before we've overwritten it with the data it's supposed to have in it will allow a simultaneous reader to see old data. Move the call to SetPageUptodate into ubifs_write_end(), which is after we copied the new data into the page.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/142d87c958d9454c3cffa625fab56f3016e8f9f3 URL:https://git.kernel.org/stable/c/142d87c958d9454c3cffa625fab56f3016e8f9f3 MISC:https://git.kernel.org/stable/c/17772bbe9cfa972ea1ff827319f6e1340de76566 URL:https://git.kernel.org/stable/c/17772bbe9cfa972ea1ff827319f6e1340de76566 MISC:https://git.kernel.org/stable/c/4aa554832b9dc9e66249df75b8f447d87853e12e URL:https://git.kernel.org/stable/c/4aa554832b9dc9e66249df75b8f447d87853e12e MISC:https://git.kernel.org/stable/c/4b7c4fc60d6a46350fbe54f5dc937aeaa02e675e URL:https://git.kernel.org/stable/c/4b7c4fc60d6a46350fbe54f5dc937aeaa02e675e MISC:https://git.kernel.org/stable/c/723012cab779eee8228376754e22c6594229bf8f URL:https://git.kernel.org/stable/c/723012cab779eee8228376754e22c6594229bf8f MISC:https://git.kernel.org/stable/c/778c6ad40256f1c03244fc06d7cdf71f6b5e7310 URL:https://git.kernel.org/stable/c/778c6ad40256f1c03244fc06d7cdf71f6b5e7310 MISC:https://git.kernel.org/stable/c/8f599ab6fabbca4c741107eade70722a98adfd9f URL:https://git.kernel.org/stable/c/8f599ab6fabbca4c741107eade70722a98adfd9f MISC:https://git.kernel.org/stable/c/f19b1023a3758f40791ec166038d6411c8894ae3 URL:https://git.kernel.org/stable/c/f19b1023a3758f40791ec166038d6411c8894ae3 MISC:https://git.kernel.org/stable/c/fc99f4e2d2f1ce766c14e98463c2839194ae964f URL:https://git.kernel.org/stable/c/fc99f4e2d2f1ce766c14e98463c2839194ae964f MLIST:[debian-lts-announce] 20240625 [SECURITY] [DLA 3842-1] linux-5.10 security update URL:https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html MLIST:[debian-lts-announce] 20240627 [SECURITY] [DLA 3840-1] linux security update URL:https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Assigning CNA
kernel.org
Date Record Created
20240517	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240517)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.