CVE-2024-46781: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-46781 is a use-after-free vulnerability discovered in the Linux kernel's NILFS2 filesystem recovery functionality. The vulnerability was identified during an error injection test of mount-time recovery routines and was disclosed on September 18, 2024. It affects Linux kernel versions from 2.6.30 up to versions before 6.10.10 (NVD).

The vulnerability occurs in the NILFS2 filesystem when data recovery is performed using partial logs created by dsync writes. If an error occurs before starting the log writer to create a recovered checkpoint, the inodes whose data had been recovered are left in the nsdirtyfiles list of the nilfs object and are not properly freed. This results in a use-after-free condition. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to a use-after-free condition in the Linux kernel's NILFS2 filesystem, potentially causing system crashes or denial of service. The impact is limited to local attacks and primarily affects system availability, with no direct impact on confidentiality or integrity (NVD).

The vulnerability has been fixed by adding proper cleanup of inodes that have read recovery data when the recovery routine fails. The fix involves implementing a new nilfsabortroll_forward function that properly handles the cleanup of dirty files list. Users should update to patched kernel versions that include the fix (Kernel Patch).