CVE-2024-57952
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2024-57952 is a vulnerability affecting the Linux kernel that was recently resolved. The issue lies in the current directory offset allocator, which stores the next offset value to return in octx->next_offset. These offset values normally increase monotonically, but they eventually wrap back to lower numbers, and after the wrap existing entries in directories disappear from listings. This occurs because commit 64a7ce76fb90 treats directory offsets as monotonically increasing integer values and introduces a comparison that stops listing entries once an entry's offset is larger than octx->next_offset. On 32-bit platforms, this issue can cause directory entries to vanish after a few weeks, while on 64-bit platforms it takes much longer to occur. To address this, commit 64a7ce76fb90 has been reverted to prepare for a more permanent fix that can work properly on 32-bit systems and may apply to recent LTS kernels where shmem employs the simple_offset mechanism.
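The following is an added example, not kernel code and not part of the original advisory: a simplified user-space C model of the wrap and cutoff behavior described in the summary. The tiny offset range (2 to 7), the structure layout and all function names are assumptions made for illustration; only next_offset and the "larger than next_offset" comparison follow the summary.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model (assumption): a tiny range stands in for 32-bit offsets. */
#define OFFSET_MIN 2u
#define OFFSET_MAX 7u

struct offset_ctx {
    uint32_t next_offset;        /* next offset the allocator hands out */
    bool live[OFFSET_MAX + 1];   /* live[off]: an entry holds this offset */
};
static uint32_t bump(uint32_t off) { return off == OFFSET_MAX ? OFFSET_MIN : off + 1; }

/* Cyclic allocation: first free offset at or after next_offset; 0 if full. */
static uint32_t entry_create(struct offset_ctx *c) {
    uint32_t off = c->next_offset;
    for (uint32_t i = OFFSET_MIN; i <= OFFSET_MAX; i++, off = bump(off)) {
        if (c->live[off]) continue;
        c->live[off] = true;
        c->next_offset = bump(off);   /* wraps from OFFSET_MAX to OFFSET_MIN */
        return off;
    }
    return 0;
}

/* Entries a listing returns; with_cutoff models the reverted comparison. */
static unsigned list_dir(const struct offset_ctx *c, bool with_cutoff) {
    unsigned seen = 0;
    for (uint32_t off = OFFSET_MIN; off <= OFFSET_MAX; off++) {
        if (!c->live[off]) continue;
        if (with_cutoff && off > c->next_offset) break;  /* stops the listing */
        seen++;
    }
    return seen;
}

/* Constructed workload; returns how many entries a listing shows afterwards. */
static unsigned scenario(bool with_cutoff, unsigned churn) {
    struct offset_ctx c = { .next_offset = OFFSET_MIN };
    for (int i = 0; i < 4; i++) c.live[entry_create(&c)] = false; /* 2..5 */
    entry_create(&c);                        /* long-lived entry: offset 6 */
    while (churn--) c.live[entry_create(&c)] = false; /* 7, then wrap to 2 */
    return list_dir(&c, with_cutoff);
}

int main(void) {   /* before wrap, after wrap, after wrap without the cutoff */
    printf("%u %u %u\n", scenario(true, 0), scenario(true, 1), scenario(false, 1));
    return 0;
}
```

The long-lived entry is still present in the model's state after the wrap; only the listing with the cutoff fails to return it.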
Affected Products
- Linux Kernel
Affected Vendors
- LINUX