{"dataType":"CVE_RECORD","cveMetadata":{"cveId":"CVE-2024-26981","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-02-19T14:20:24.204Z","datePublished":"2024-05-01T05:27:06.469Z","dateUpdated":"2026-05-11T20:08:06.091Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T20:08:06.091Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix OOB in nilfs_set_de_type\n\nThe size of the nilfs_type_by_mode array in the fs/nilfs2/dir.c file is\ndefined as \"S_IFMT >> S_SHIFT\", but the nilfs_set_de_type() function,\nwhich uses this array, specifies the index to read from the array in the\nsame way as \"(mode & S_IFMT) >> S_SHIFT\".\n\nstatic void nilfs_set_de_type(struct nilfs_dir_entry *de, struct inode\n *inode)\n{\n\tumode_t mode = inode->i_mode;\n\n\tde->file_type = nilfs_type_by_mode[(mode & S_IFMT)>>S_SHIFT]; // oob\n}\n\nHowever, when the index is determined this way, an out-of-bounds (OOB)\nerror occurs by referring to an index that is 1 larger than the array size\nwhen the condition \"mode & S_IFMT == S_IFMT\" is satisfied.  Therefore, a\npatch to resize the nilfs_type_by_mode array should be applied to prevent\nOOB errors."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/nilfs2/dir.c"],"versions":[{"version":"2ba466d74ed74f073257f86e61519cb8f8f46184","lessThan":"054f29e9ca05be3906544c5f2a2c7321c30a4243","status":"affected","versionType":"git"},{"version":"2ba466d74ed74f073257f86e61519cb8f8f46184","lessThan":"90f43980ea6be4ad903e389be9a27a2a0018f1c8","status":"affected","versionType":"git"},{"version":"2ba466d74ed74f073257f86e61519cb8f8f46184","lessThan":"7061c7efbb9e8f11ce92d6b4646405ea2b0b4de1","status":"affected","versionType":"git"},{"version":"2ba466d74ed74f073257f86e61519cb8f8f46184","lessThan":"bdbe483da21f852c93b22557b146bc4d989260f0","status":"affected","versionType":"git"},{"version":"2ba466d74ed74f073257f86e61519cb8f8f46184","lessThan":"897ac5306bbeb83e90c437326f7044c79a17c611","status":"affected","versionType":"git"},{"version":"2ba466d74ed74f073257f86e61519cb8f8f46184","lessThan":"2382eae66b196c31893984a538908c3eb7506ff9","status":"affected","versionType":"git"},{"version":"2ba466d74ed74f073257f86e61519cb8f8f46184","lessThan":"90823f8d9ecca3d5fa6b102c8e464c62f416975f","status":"affected","versionType":"git"},{"version":"2ba466d74ed74f073257f86e61519cb8f8f46184","lessThan":"c4a7dc9523b59b3e73fd522c73e95e072f876b16","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/nilfs2/dir.c"],"versions":[{"version":"2.6.30","status":"affected"},{"version":"0","lessThan":"2.6.30","status":"unaffected","versionType":"semver"},{"version":"4.19.313","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.275","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.216","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.157","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.88","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.29","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.8.8","lessThanOrEqual":"6.8.*","status":"unaffected","versionType":"semver"},{"version":"6.9","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"4.19.313"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"5.4.275"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"5.10.216"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"5.15.157"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"6.1.88"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"6.6.29"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"6.8.8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"6.9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/054f29e9ca05be3906544c5f2a2c7321c30a4243"},{"url":"https://git.kernel.org/stable/c/90f43980ea6be4ad903e389be9a27a2a0018f1c8"},{"url":"https://git.kernel.org/stable/c/7061c7efbb9e8f11ce92d6b4646405ea2b0b4de1"},{"url":"https://git.kernel.org/stable/c/bdbe483da21f852c93b22557b146bc4d989260f0"},{"url":"https://git.kernel.org/stable/c/897ac5306bbeb83e90c437326f7044c79a17c611"},{"url":"https://git.kernel.org/stable/c/2382eae66b196c31893984a538908c3eb7506ff9"},{"url":"https://git.kernel.org/stable/c/90823f8d9ecca3d5fa6b102c8e464c62f416975f"},{"url":"https://git.kernel.org/stable/c/c4a7dc9523b59b3e73fd522c73e95e072f876b16"}],"title":"nilfs2: fix OOB in nilfs_set_de_type","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-07-17T14:33:30.572731Z","id":"CVE-2024-26981","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-07-17T14:33:40.696Z"}},{"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/054f29e9ca05be3906544c5f2a2c7321c30a4243","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/90f43980ea6be4ad903e389be9a27a2a0018f1c8","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/7061c7efbb9e8f11ce92d6b4646405ea2b0b4de1","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/bdbe483da21f852c93b22557b146bc4d989260f0","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/897ac5306bbeb83e90c437326f7044c79a17c611","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/2382eae66b196c31893984a538908c3eb7506ff9","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/90823f8d9ecca3d5fa6b102c8e464c62f416975f","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/c4a7dc9523b59b3e73fd522c73e95e072f876b16","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html","tags":["x_transferred"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-04T17:14:55.924Z"}}]},"dataVersion":"5.2"}