{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-53690","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-01-11T12:34:02.678Z","datePublished":"2025-01-11T12:35:40.934Z","dateUpdated":"2025-11-03T20:48:23.672Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T09:56:57.663Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: prevent use of deleted inode\n\nsyzbot reported a WARNING in nilfs_rmdir. [1]\n\nBecause the inode bitmap is corrupted, an inode with an inode number that\nshould exist as a \".nilfs\" file was reassigned by nilfs_mkdir for \"file0\",\ncausing an inode duplication during execution.  And this causes an\nunderflow of i_nlink in rmdir operations.\n\nThe inode is used twice by the same task to unmount and remove directories\n\".nilfs\" and \"file0\", it trigger warning in nilfs_rmdir.\n\nAvoid to this issue, check i_nlink in nilfs_iget(), if it is 0, it means\nthat this inode has been deleted, and iput is executed to reclaim it.\n\n[1]\nWARNING: CPU: 1 PID: 5824 at fs/inode.c:407 drop_nlink+0xc4/0x110 fs/inode.c:407\n...\nCall Trace:\n <TASK>\n nilfs_rmdir+0x1b0/0x250 fs/nilfs2/namei.c:342\n vfs_rmdir+0x3a3/0x510 fs/namei.c:4394\n do_rmdir+0x3b5/0x580 fs/namei.c:4453\n __do_sys_rmdir fs/namei.c:4472 [inline]\n __se_sys_rmdir fs/namei.c:4470 [inline]\n __x64_sys_rmdir+0x47/0x50 fs/namei.c:4470\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/nilfs2/inode.c","fs/nilfs2/namei.c"],"versions":[{"version":"d25006523d0b9e49fd097b2e974e7c8c05bd7f54","lessThan":"55e4baa0d32f0530ddc64c26620e1f2f8fa2724c","status":"affected","versionType":"git"},{"version":"d25006523d0b9e49fd097b2e974e7c8c05bd7f54","lessThan":"5d4ed71327b0b5f3b179a19dc3c06be9509ab3db","status":"affected","versionType":"git"},{"version":"d25006523d0b9e49fd097b2e974e7c8c05bd7f54","lessThan":"912188316a8c9e41b8c1603c2276a05043b14f96","status":"affected","versionType":"git"},{"version":"d25006523d0b9e49fd097b2e974e7c8c05bd7f54","lessThan":"ef942d233643777f7b2a5deef620e82942983143","status":"affected","versionType":"git"},{"version":"d25006523d0b9e49fd097b2e974e7c8c05bd7f54","lessThan":"284760b320a0bac411b18108316939707dccb12b","status":"affected","versionType":"git"},{"version":"d25006523d0b9e49fd097b2e974e7c8c05bd7f54","lessThan":"ff561987ff12b6a3233431ff659b5d332e22f153","status":"affected","versionType":"git"},{"version":"d25006523d0b9e49fd097b2e974e7c8c05bd7f54","lessThan":"901ce9705fbb9f330ff1f19600e5daf9770b0175","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/nilfs2/inode.c","fs/nilfs2/namei.c"],"versions":[{"version":"2.6.30","status":"affected"},{"version":"0","lessThan":"2.6.30","status":"unaffected","versionType":"semver"},{"version":"5.4.289","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.233","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.176","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.122","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.68","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.7","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"5.4.289"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"5.10.233"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"5.15.176"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"6.1.122"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"6.6.68"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"6.12.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"6.13"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/55e4baa0d32f0530ddc64c26620e1f2f8fa2724c"},{"url":"https://git.kernel.org/stable/c/5d4ed71327b0b5f3b179a19dc3c06be9509ab3db"},{"url":"https://git.kernel.org/stable/c/912188316a8c9e41b8c1603c2276a05043b14f96"},{"url":"https://git.kernel.org/stable/c/ef942d233643777f7b2a5deef620e82942983143"},{"url":"https://git.kernel.org/stable/c/284760b320a0bac411b18108316939707dccb12b"},{"url":"https://git.kernel.org/stable/c/ff561987ff12b6a3233431ff659b5d332e22f153"},{"url":"https://git.kernel.org/stable/c/901ce9705fbb9f330ff1f19600e5daf9770b0175"}],"title":"nilfs2: prevent use of deleted inode","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T20:48:23.672Z"}}]}}