{ "containers": { "cna": { "providerMetadata": { "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: fix out-of-bounds fsid access\n\nArnd Bergmann sent a patch to fsdevel, he says:\n\n\"orangefs_statfs() copies two consecutive fields of the superblock into\nthe statfs structure, which triggers a warning from the string fortification\nhelpers\"\n\nJan Kara suggested an alternate way to do the patch to make it more readable.\n\nI ran both ideas through xfstests and both seem fine. This patch\nis based on Jan Kara's suggestion." } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "fs/orangefs/super.c" ], "versions": [ { "version": "1da177e4c3f4", "lessThan": "b90176a95537", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "556edaa27c27", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "1617249e24bd", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "137a06dc0ff8", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "74159d409da8", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "6a3cacf6d3cf", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "de8a5f7b7180", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "53e4efa470d5", "status": "affected", "versionType": "git" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "fs/orangefs/super.c" ], "versions": [ { "version": "4.19.318", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.4.280", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.10.222", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.15.163", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.1.98", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.6.39", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.9.9", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/b90176a9553775e23966650e445b1866e62e4924" }, { "url": "https://git.kernel.org/stable/c/556edaa27c27db24a0f34c78cebef90e5bb6e167" }, { "url": "https://git.kernel.org/stable/c/1617249e24bd04c8047956afb43feec4876d1715" }, { "url": "https://git.kernel.org/stable/c/137a06dc0ff8b2d2069c2345d015ef0fa71df1ed" }, { "url": "https://git.kernel.org/stable/c/74159d409da82269311a60256aad8ae8753da450" }, { "url": "https://git.kernel.org/stable/c/6a3cacf6d3cf0278aa90392aef2fc3fe2717a047" }, { "url": "https://git.kernel.org/stable/c/de8a5f7b71800a11fbaffc8ddacf08ead78afcc5" }, { "url": "https://git.kernel.org/stable/c/53e4efa470d5fc6a96662d2d3322cfc925818517" } ], "title": "orangefs: fix out-of-bounds fsid access", "x_generator": { "engine": "bippy-c9c4e1df01b2" } } }, "cveMetadata": { "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", "cveID": "CVE-2024-42143", "requesterUserId": "gregkh@kernel.org", "serial": "1", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.0" }