{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-42273","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-07-30T07:40:12.260Z","datePublished":"2024-08-17T08:54:27.422Z","dateUpdated":"2025-11-03T22:03:11.549Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T12:57:52.719Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: assign CURSEG_ALL_DATA_ATGC if blkaddr is valid\n\nmkdir /mnt/test/comp\nf2fs_io setflags compression /mnt/test/comp\ndd if=/dev/zero of=/mnt/test/comp/testfile bs=16k count=1\ntruncate --size 13 /mnt/test/comp/testfile\n\nIn the above scenario, we can get a BUG_ON.\n kernel BUG at fs/f2fs/segment.c:3589!\n Call Trace:\n  do_write_page+0x78/0x390 [f2fs]\n  f2fs_outplace_write_data+0x62/0xb0 [f2fs]\n  f2fs_do_write_data_page+0x275/0x740 [f2fs]\n  f2fs_write_single_data_page+0x1dc/0x8f0 [f2fs]\n  f2fs_write_multi_pages+0x1e5/0xae0 [f2fs]\n  f2fs_write_cache_pages+0xab1/0xc60 [f2fs]\n  f2fs_write_data_pages+0x2d8/0x330 [f2fs]\n  do_writepages+0xcf/0x270\n  __writeback_single_inode+0x44/0x350\n  writeback_sb_inodes+0x242/0x530\n  __writeback_inodes_wb+0x54/0xf0\n  wb_writeback+0x192/0x310\n  wb_workfn+0x30d/0x400\n\nThe reason is we gave CURSEG_ALL_DATA_ATGC to COMPR_ADDR where the\npage was set the gcing flag by set_cluster_dirty()."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/f2fs/segment.c"],"versions":[{"version":"7c972c89457511007dfc933814c06786905e515c","lessThan":"5fd057160ab240dd816ae09b625395d54c297de1","status":"affected","versionType":"git"},{"version":"417b8a91f4e8831cadaf85c3f15c6991c1f54dde","lessThan":"4239571c5db46a42f723b8fa8394039187c34439","status":"affected","versionType":"git"},{"version":"4961acdd65c956e97c1a000c82d91a8c1cdbe44b","lessThan":"0cd106612396656d6f1ca17ef192c6759bb60791","status":"affected","versionType":"git"},{"version":"4961acdd65c956e97c1a000c82d91a8c1cdbe44b","lessThan":"8cb1f4080dd91c6e6b01dbea013a3f42341cb6a1","status":"affected","versionType":"git"},{"version":"7ea0f29d9fd84905051be020c0df7d557e286136","status":"affected","versionType":"git"},{"version":"b8094c0f1aae329b1c60a275a780d6c2c9ff7aa3","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/f2fs/segment.c"],"versions":[{"version":"6.8","status":"affected"},{"version":"0","lessThan":"6.8","status":"unaffected","versionType":"semver"},{"version":"6.1.104","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.45","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.10.4","lessThanOrEqual":"6.10.*","status":"unaffected","versionType":"semver"},{"version":"6.11","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.77","versionEndExcluding":"6.1.104"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.16","versionEndExcluding":"6.6.45"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"6.10.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"6.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.149"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7.4"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/5fd057160ab240dd816ae09b625395d54c297de1"},{"url":"https://git.kernel.org/stable/c/4239571c5db46a42f723b8fa8394039187c34439"},{"url":"https://git.kernel.org/stable/c/0cd106612396656d6f1ca17ef192c6759bb60791"},{"url":"https://git.kernel.org/stable/c/8cb1f4080dd91c6e6b01dbea013a3f42341cb6a1"}],"title":"f2fs: assign CURSEG_ALL_DATA_ATGC if blkaddr is valid","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-42273","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-09-10T16:12:04.954171Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-12T17:33:32.172Z"}},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T22:03:11.549Z"}}]}}