CVE-2024-53143

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/21d1b618b6b9da46c5116c640ac4b1cc8d40d63a", "name": "https://git.kernel.org/stable/c/21d1b618b6b9da46c5116c640ac4b1cc8d40d63a", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/45a8f8232a495221ed058191629f5c628f21601a", "name": "https://git.kernel.org/stable/c/45a8f8232a495221ed058191629f5c628f21601a", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/83af1cfa10d9aafdabd06b3655e07727f373b434", "name": "https://git.kernel.org/stable/c/83af1cfa10d9aafdabd06b3655e07727f373b434", "tags": ["Patch"], "refsource": ""}, {"url": "https://project-zero.issues.chromium.org/issues/379667898", "name": "https://project-zero.issues.chromium.org/issues/379667898", "tags": ["Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfsnotify: Fix ordering of iput() and watched_objects decrement\n\nEnsure the superblock is kept alive until we're done with iput().\nHolding a reference to an inode is not allowed unless we ensure the\nsuperblock stays alive, which fsnotify does by keeping the\nwatched_objects count elevated, so iput() must happen before the\nwatched_objects decrement.\nThis can lead to a UAF of something like sb->s_fs_info in tmpfs, but the\nUAF is hard to hit because race orderings that oops are more likely, thanks\nto the CHECK_DATA_CORRUPTION() block in generic_shutdown_super().\n\nAlso, ensure that fsnotify_put_sb_watched_objects() doesn't call\nfsnotify_sb_watched_objects() on a superblock that may have already been\nfreed, which would cause a UAF read of sb->s_fsnotify_info."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-53143", "ASSIGNER": "cve@kernel.org"}}, "impact": {}, "publishedDate": "2024-12-07T07:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.12.2", "versionStartIncluding": "6.12"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.11.11", "versionStartIncluding": "6.10"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-03-24T17:27Z"}