CVE-2024-42306: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-42306 affects the Linux kernel's UDF (Universal Disk Format) filesystem implementation. The vulnerability was discovered and disclosed on August 17, 2024. The issue occurs when the filesystem block bitmap is corrupted - while corruption is detected during initial bitmap loading and allocation fails with an error, subsequent allocations from the same bitmap could proceed with mixed results due to the bitmap buffer being marked as already loaded (NVD).

The vulnerability exists in the block bitmap handling code of the UDF filesystem. When a corrupted block bitmap is encountered, the code detects the corruption during initial loading but fails to properly handle subsequent allocation attempts from the same corrupted bitmap. The fix implements proper bitmap validation using the BH_verified bit to indicate whether the bitmap is valid, preventing use of corrupted bitmaps in future allocation attempts (Kernel Commit).

If exploited, this vulnerability could lead to filesystem corruption and potential denial of service conditions when accessing UDF filesystems with corrupted block bitmaps (Ubuntu).

The issue has been fixed in multiple Linux kernel versions. Ubuntu has released patches for various kernel versions: 6.8.0-50.51 for 24.04 LTS, 5.15.0-125.135 for 22.04 LTS, and 5.4.0-200.220 for 20.04 LTS. Users are advised to update their systems to the patched kernel versions (Ubuntu).