{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T12:01:13.943","vulnerabilities":[{"cve":{"id":"CVE-2024-53143","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-12-07T07:15:03.780","lastModified":"2025-03-24T17:27:18.173","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nfsnotify: Fix ordering of iput() and watched_objects decrement\n\nEnsure the superblock is kept alive until we're done with iput().\nHolding a reference to an inode is not allowed unless we ensure the\nsuperblock stays alive, which fsnotify does by keeping the\nwatched_objects count elevated, so iput() must happen before the\nwatched_objects decrement.\nThis can lead to a UAF of something like sb->s_fs_info in tmpfs, but the\nUAF is hard to hit because race orderings that oops are more likely, thanks\nto the CHECK_DATA_CORRUPTION() block in generic_shutdown_super().\n\nAlso, ensure that fsnotify_put_sb_watched_objects() doesn't call\nfsnotify_sb_watched_objects() on a superblock that may have already been\nfreed, which would cause a UAF read of sb->s_fsnotify_info."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fsnotify: Arreglar el orden de iput() y el decremento de watching_objects Asegurarse de que el superbloque se mantenga activo hasta que terminemos con iput(). No se permite mantener una referencia a un inodo a menos que aseguremos que el superbloque se mantenga activo, lo que fsnotify hace manteniendo elevado el conteo de watching_objects, por lo que iput() debe ocurrir antes del decremento de watching_objects. Esto puede llevar a un UAF de algo como sb->s_fs_info en tmpfs, pero el UAF es difícil de alcanzar porque las órdenes de ejecución que oops son más probables, gracias al bloque CHECK_DATA_CORRUPTION() en generic_shutdown_super(). Además, asegúrese de que fsnotify_put_sb_watched_objects() no llame a fsnotify_sb_watched_objects() en un superbloque que ya puede haber sido liberado, lo que causaría una lectura UAF de sb->s_fsnotify_info."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.10","versionEndExcluding":"6.11.11","matchCriteriaId":"158A6B22-9260-41D7-965A-A81798A5A969"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12","versionEndExcluding":"6.12.2","matchCriteriaId":"D8882B1B-2ABC-4838-AC1D-DBDBB5764776"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/21d1b618b6b9da46c5116c640ac4b1cc8d40d63a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/45a8f8232a495221ed058191629f5c628f21601a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/83af1cfa10d9aafdabd06b3655e07727f373b434","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://project-zero.issues.chromium.org/issues/379667898","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}