{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T03:09:14.605","vulnerabilities":[{"cve":{"id":"CVE-2024-57924","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-01-19T12:15:26.530","lastModified":"2026-05-12T13:16:24.003","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs: relax assertions on failure to encode file handles\n\nEncoding file handles is usually performed by a filesystem >encode_fh()\nmethod that may fail for various reasons.\n\nThe legacy users of exportfs_encode_fh(), namely, nfsd and\nname_to_handle_at(2) syscall are ready to cope with the possibility\nof failure to encode a file handle.\n\nThere are a few other users of exportfs_encode_{fh,fid}() that\ncurrently have a WARN_ON() assertion when ->encode_fh() fails.\nRelax those assertions because they are wrong.\n\nThe second linked bug report states commit 16aac5ad1fa9 (\"ovl: support\nencoding non-decodable file handles\") in v6.6 as the regressing commit,\nbut this is not accurate.\n\nThe aforementioned commit only increases the chances of the assertion\nand allows triggering the assertion with the reproducer using overlayfs,\ninotify and drop_caches.\n\nTriggering this assertion was always possible with other filesystems and\nother reasons of ->encode_fh() failures and more particularly, it was\nalso possible with the exact same reproducer using overlayfs that is\nmounted with options index=on,nfs_export=on also on kernels < v6.6.\nTherefore, I am not listing the aforementioned commit as a Fixes commit.\n\nBackport hint: this patch will have a trivial conflict applying to\nv6.6.y, and other trivial conflicts applying to stable kernels < v6.6."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fs: relajar las aserciones en caso de fallo en la codificación de identificadores de archivos La codificación de identificadores de archivos normalmente se realiza mediante un método &gt;encode_fh() del sistema de archivos que puede fallar por varias razones. Los usuarios heredados de exportfs_encode_fh(), es decir, nfsd y la llamada al sistema name_to_handle_at(2) están preparados para hacer frente a la posibilidad de un fallo en la codificación de un identificador de archivo. Hay algunos otros usuarios de exportfs_encode_{fh,fid}() que actualmente tienen una aserción WARN_ON() cuando -&gt;encode_fh() falla. Relajen esas aserciones porque son incorrectas. El segundo informe de error vinculado indica el commit 16aac5ad1fa9 (\"ovl: compatibilidad con la codificación de identificadores de archivos no decodificables\") en v6.6 como el commit regresiva, pero esto no es exacto. El commit mencionado anteriormente solo aumenta las posibilidades de la aserción y permite activar la aserción con el reproductor usando overlayfs, inotify y drop_caches. Activar esta aserción siempre fue posible con otros sistemas de archivos y otras razones de fallas de -&gt;encode_fh() y, más particularmente, también fue posible con el mismo reproductor exacto usando overlayfs que está montado con las opciones index=on,nfs_export=on también en kernels &lt; v6.6. Por lo tanto, no estoy listando el commit mencionado anteriormente como un commit de correcciones. Sugerencia de retroportación: este parche tendrá un conflicto trivial que se aplica a v6.6.y, y otros conflictos triviales que se aplican a kernels estables &lt; v6.6."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-617"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1.151","matchCriteriaId":"8C88A0C3-04D7-481C-9189-54F434657FD7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.74","matchCriteriaId":"38B2F4A9-C656-4A97-8718-D27E6BDFD82A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.10","matchCriteriaId":"02D604F6-10D1-4F7B-A022-0888406A1121"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*","matchCriteriaId":"62567B3C-6CEE-46D0-BC2E-B3717FBF7D13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*","matchCriteriaId":"5A073481-106D-4B15-B4C7-FB0213B8E1D4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*","matchCriteriaId":"DE491969-75AE-4A6B-9A58-8FC5AF98798F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*","matchCriteriaId":"93C0660D-7FB8-4FBA-892A-B064BA71E49E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*","matchCriteriaId":"034C36A6-C481-41F3-AE9A-D116E5BE6895"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*","matchCriteriaId":"8AF9DC49-2085-4FFB-A7E3-73DFAFECC7F2"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/73697928c806fe4689939722184a86fc1c1957b4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/974e3fe0ac61de85015bbe5a4990cf4127b304b2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/adcde2872f8fc399b249758ae1990dcd53b694ea","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f47c834a9131ae64bee3c462f4e610c67b0a000f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-032379.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"}]}}]}