vulnerability

Ubuntu: (Multiple Advisories) (CVE-2024-49983): Linux kernel vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:S/C:C/I:C/A:C)	Oct 21, 2024	Dec 18, 2024	Mar 27, 2026

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

Oct 21, 2024

Added

Dec 18, 2024

Modified

Mar 27, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free

When calling ext4_force_split_extent_at() in ext4_ext_replay_update_ex(),
the 'ppath' is updated but it is the 'path' that is freed, thus potentially
triggering a double-free in the following process:

ext4_ext_replay_update_ex
ppath = path
ext4_force_split_extent_at(&ppath)
ext4_split_extent_at
ext4_ext_insert_extent
ext4_ext_create_new_leaf
ext4_ext_grow_indepth
ext4_find_extent
if (depth > path[0].p_maxdepth)
kfree(path) ---> path First freed
*orig_path = path = NULL ---> null ppath
kfree(path) ---> path double-free !!!

So drop the unnecessary ppath and use path directly to avoid this problem.
And use ext4_find_extent() directly to update path, avoiding unnecessary
memory allocation and freeing. Also, propagate the error returned by
ext4_find_extent() instead of using strange error codes.

Solutions

ubuntu-upgrade-linux-image-5-15-0-1039-xilinx-zynqmpubuntu-upgrade-linux-image-5-15-0-1056-gkeopubuntu-upgrade-linux-image-5-15-0-1066-ibmubuntu-upgrade-linux-image-5-15-0-1066-raspiubuntu-upgrade-linux-image-5-15-0-1068-nvidiaubuntu-upgrade-linux-image-5-15-0-1068-nvidia-lowlatencyubuntu-upgrade-linux-image-5-15-0-1070-gkeubuntu-upgrade-linux-image-5-15-0-1070-kvmubuntu-upgrade-linux-image-5-15-0-1071-intel-iotgubuntu-upgrade-linux-image-5-15-0-1071-oracleubuntu-upgrade-linux-image-5-15-0-1072-gcpubuntu-upgrade-linux-image-5-15-0-1073-awsubuntu-upgrade-linux-image-5-15-0-1078-azureubuntu-upgrade-linux-image-5-15-0-127-genericubuntu-upgrade-linux-image-5-15-0-127-generic-64kubuntu-upgrade-linux-image-5-15-0-127-generic-lpaeubuntu-upgrade-linux-image-5-15-0-127-lowlatencyubuntu-upgrade-linux-image-5-15-0-127-lowlatency-64kubuntu-upgrade-linux-image-6-11-0-1005-realtimeubuntu-upgrade-linux-image-6-11-0-1008-raspiubuntu-upgrade-linux-image-6-11-0-1009-awsubuntu-upgrade-linux-image-6-11-0-1009-azureubuntu-upgrade-linux-image-6-11-0-1009-azure-fdeubuntu-upgrade-linux-image-6-11-0-1009-gcpubuntu-upgrade-linux-image-6-11-0-1010-lowlatencyubuntu-upgrade-linux-image-6-11-0-1010-lowlatency-64kubuntu-upgrade-linux-image-6-11-0-1011-oracleubuntu-upgrade-linux-image-6-11-0-1011-oracle-64kubuntu-upgrade-linux-image-6-11-0-1015-oemubuntu-upgrade-linux-image-6-11-0-18-genericubuntu-upgrade-linux-image-6-11-0-18-generic-64kubuntu-upgrade-linux-image-6-8-0-1006-gkeopubuntu-upgrade-linux-image-6-8-0-1014-azure-nvidiaubuntu-upgrade-linux-image-6-8-0-1019-gkeubuntu-upgrade-linux-image-6-8-0-1019-raspiubuntu-upgrade-linux-image-6-8-0-1020-oracleubuntu-upgrade-linux-image-6-8-0-1020-oracle-64kubuntu-upgrade-linux-image-6-8-0-1022-ibmubuntu-upgrade-linux-image-6-8-0-1022-nvidiaubuntu-upgrade-linux-image-6-8-0-1022-nvidia-64kubuntu-upgrade-linux-image-6-8-0-1022-nvidia-lowlatencyubuntu-upgrade-linux-image-6-8-0-1022-nvidia-lowlatency-64kubuntu-upgrade-linux-image-6-8-0-1023-awsubuntu-upgrade-linux-image-6-8-0-1024-gcpubuntu-upgrade-linux-image-6-8-0-1024-gcp-64kubuntu-upgrade-linux-image-6-8-0-1024-oemubuntu-upgrade-linux-image-6-8-0-1025-azureubuntu-upgrade-linux-image-6-8-0-1025-azure-fdeubuntu-upgrade-linux-image-6-8-0-54-genericubuntu-upgrade-linux-image-6-8-0-54-generic-64kubuntu-upgrade-linux-image-6-8-0-54-lowlatencyubuntu-upgrade-linux-image-6-8-0-54-lowlatency-64kubuntu-upgrade-linux-image-6-8-0-57-genericubuntu-upgrade-linux-image-6-8-0-57-generic-64kubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-aws-lts-22-04ubuntu-upgrade-linux-image-aws-lts-24-04ubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-cvmubuntu-upgrade-linux-image-azure-fdeubuntu-upgrade-linux-image-azure-fde-lts-24-04ubuntu-upgrade-linux-image-azure-lts-22-04ubuntu-upgrade-linux-image-azure-lts-24-04ubuntu-upgrade-linux-image-azure-nvidiaubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-64kubuntu-upgrade-linux-image-gcp-64k-lts-24-04ubuntu-upgrade-linux-image-gcp-lts-22-04ubuntu-upgrade-linux-image-gcp-lts-24-04ubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-hwe-20-04ubuntu-upgrade-linux-image-generic-64k-hwe-22-04ubuntu-upgrade-linux-image-generic-64k-hwe-24-04ubuntu-upgrade-linux-image-generic-hwe-20-04ubuntu-upgrade-linux-image-generic-hwe-22-04ubuntu-upgrade-linux-image-generic-hwe-24-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-generic-lpae-hwe-20-04ubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-gke-5-15ubuntu-upgrade-linux-image-gkeopubuntu-upgrade-linux-image-gkeop-5-15ubuntu-upgrade-linux-image-gkeop-6-8ubuntu-upgrade-linux-image-ibmubuntu-upgrade-linux-image-ibm-classicubuntu-upgrade-linux-image-ibm-lts-24-04ubuntu-upgrade-linux-image-intelubuntu-upgrade-linux-image-intel-iotgubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-64kubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04ubuntu-upgrade-linux-image-lowlatency-hwe-20-04ubuntu-upgrade-linux-image-lowlatency-hwe-22-04ubuntu-upgrade-linux-image-nvidiaubuntu-upgrade-linux-image-nvidia-6-8ubuntu-upgrade-linux-image-nvidia-64kubuntu-upgrade-linux-image-nvidia-64k-6-8ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04ubuntu-upgrade-linux-image-nvidia-hwe-22-04ubuntu-upgrade-linux-image-nvidia-lowlatencyubuntu-upgrade-linux-image-nvidia-lowlatency-64kubuntu-upgrade-linux-image-oem-20-04ubuntu-upgrade-linux-image-oem-20-04bubuntu-upgrade-linux-image-oem-20-04cubuntu-upgrade-linux-image-oem-20-04dubuntu-upgrade-linux-image-oem-22-04ubuntu-upgrade-linux-image-oem-22-04aubuntu-upgrade-linux-image-oem-22-04bubuntu-upgrade-linux-image-oem-22-04cubuntu-upgrade-linux-image-oem-22-04dubuntu-upgrade-linux-image-oem-24-04ubuntu-upgrade-linux-image-oem-24-04aubuntu-upgrade-linux-image-oem-24-04bubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-64kubuntu-upgrade-linux-image-oracle-64k-lts-24-04ubuntu-upgrade-linux-image-oracle-lts-22-04ubuntu-upgrade-linux-image-oracle-lts-24-04ubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-raspi-nolpaeubuntu-upgrade-linux-image-realtimeubuntu-upgrade-linux-image-realtime-hwe-24-04ubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-20-04ubuntu-upgrade-linux-image-virtual-hwe-22-04ubuntu-upgrade-linux-image-virtual-hwe-24-04ubuntu-upgrade-linux-image-xilinx-zynqmp

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report