CVE-2024-47679: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-47679 is a race condition vulnerability discovered in the Linux kernel's Virtual File System (VFS) subsystem, specifically between evictinodes() and findinode()&iput() functions. The vulnerability was discovered in August 2024 and affects Linux kernel versions from 2.6.37 up to versions before 5.10.227, 5.15.168, 6.1.113, 6.6.54, and 6.11.2 (NVD).

The vulnerability occurs due to a race condition in the Virtual File System where two threads can simultaneously evict the same inode. The issue arises when one thread calls iput() on an inode with icount 1, while another thread concurrently calls genericshutdownsuper(). This can lead to a situation where both threads attempt to evict the same inode simultaneously, potentially triggering a BUG statement within clearinode() and iput() (Kernel Patch). The vulnerability has been assigned a CVSS v3.1 base score of 4.7 (Medium) with vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can result in a denial of service condition through system crashes when the race condition is triggered. The impact is limited to availability with no direct impact on confidentiality or integrity of the system (NVD).

The vulnerability has been fixed by adding a recheck of the inode->icount after holding ilock. The fix has been implemented in multiple kernel versions and is available through various distribution updates. Ubuntu has released security updates to address this vulnerability in their kernel packages for versions 20.04 LTS and 22.04 LTS (Ubuntu Security).