
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2024-47699 affects the NILFS2 filesystem implementation in the Linux kernel. The vulnerability was discovered in September 2024 and involves a potential NULL pointer dereference in the nilfs_btree_insert() function. This security issue affects Linux kernel versions from 2.6.30 up to (excluding) 6.11.2 (NVD).
The vulnerability occurs when a b-tree is broken on the device, and the b-tree height is greater than 2 (the level of the root node is greater than 1) even if the number of child nodes of the b-tree root is 0. In this case, a NULL pointer dereference occurs in nilfs_btree_prepare_insert(), which is called from nilfs_btree_insert(). This happens because nilfs_btree_do_lookup() does not set the block buffer head in path.bp_bh when the number of child nodes of the b-tree root is 0, leaving it as NULL. The vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 MEDIUM (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) (NVD).
The vulnerability can lead to a system crash through a NULL pointer dereference when accessing corrupted NILFS2 filesystem images, potentially causing a denial of service condition (Kernel Patch).
The issue has been fixed by adding a check to the nilfs_btree_root_broken() function, which performs sanity checks when reading the root node from the device, so that this inconsistency (a root node above the lowest node level that reports zero children) is detected and rejected. The fix has been incorporated into various Linux kernel versions through security updates (Ubuntu Security Notice).
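As an added illustration (not code from this page, the kernel, or the NILFS2 project), the following userspace C model shows the kind of root-node sanity check described above. It decodes a constructed 8-byte root header the way the kernel reads it from the device, then compares a bounds-only check with one that additionally rejects a root above the lowest node level that claims zero children, which is exactly the inconsistency that left path.bp_bh NULL. The struct layout and limit constants mirror the kernel's nilfs_btree_node header and NILFS_BTREE_* limits, but the numeric values used here are assumptions, and every sample header is constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Model of the on-disk b-tree node header. The field order and widths
 * follow the kernel's struct nilfs_btree_node (assumption); values are
 * little-endian on disk, so they are decoded byte by byte below. */
struct node_hdr {
    uint8_t  flags;
    uint8_t  level;
    uint16_t nchildren;
    uint32_t pad;
};

/* Limits modelled on NILFS_BTREE_LEVEL_NODE_MIN, NILFS_BTREE_LEVEL_MAX and
 * NILFS_BTREE_ROOT_NCHILDREN_MAX. The numbers are assumptions for the model. */
enum { LEVEL_NODE_MIN = 1, LEVEL_MAX = 14, ROOT_NCHILDREN_MAX = 3 };

/* Decode a raw 8-byte root header without trusting any of its fields. */
static struct node_hdr decode_root(const uint8_t raw[8])
{
    struct node_hdr h;
    h.flags     = raw[0];
    h.level     = raw[1];
    h.nchildren = (uint16_t)(raw[2] | ((uint16_t)raw[3] << 8));
    h.pad       = (uint32_t)raw[4] | ((uint32_t)raw[5] << 8) |
                  ((uint32_t)raw[6] << 16) | ((uint32_t)raw[7] << 24);
    return h;
}

/* Bounds-only check: level and child count are each individually in range.
 * A root with level 2 and nchildren 0 passes this, which is the flaw. */
static int root_broken_before_fix(const struct node_hdr *h)
{
    return h->level < LEVEL_NODE_MIN || h->level >= LEVEL_MAX ||
           h->nchildren > ROOT_NCHILDREN_MAX;
}

/* Hardened check: an empty root is only consistent at the lowest node level.
 * A taller root with zero children has nothing to descend into, so the
 * lookup could never populate a buffer for the path and a later insert
 * would dereference NULL. Reject it at read time instead. */
static int root_broken_after_fix(const struct node_hdr *h)
{
    return root_broken_before_fix(h) ||
           (h->nchildren == 0 && h->level > LEVEL_NODE_MIN);
}

/* Raw-buffer wrappers, returning 1 when the root is rejected. */
int check_root_before_fix(const uint8_t raw[8])
{
    struct node_hdr h = decode_root(raw);
    return root_broken_before_fix(&h);
}

int check_root_after_fix(const uint8_t raw[8])
{
    struct node_hdr h = decode_root(raw);
    return root_broken_after_fix(&h);
}

/* Constructed sample headers: flags, level, nchildren (LE16), pad (LE32). */
const uint8_t SAMPLE_HEALTHY_ROOT[8] = { 0x00, 0x01, 0x02, 0x00, 0, 0, 0, 0 }; /* level 1, 2 children  */
const uint8_t SAMPLE_EMPTY_ROOT[8]   = { 0x00, 0x01, 0x00, 0x00, 0, 0, 0, 0 }; /* level 1, 0 children  */
const uint8_t SAMPLE_CORRUPT_ROOT[8] = { 0x00, 0x02, 0x00, 0x00, 0, 0, 0, 0 }; /* level 2, 0 children  */
const uint8_t SAMPLE_OOB_LEVEL[8]    = { 0x00, 0x20, 0x01, 0x00, 0, 0, 0, 0 }; /* level 32, out of range */

int main(void)
{
    const uint8_t *samples[] = { SAMPLE_HEALTHY_ROOT, SAMPLE_EMPTY_ROOT,
                                 SAMPLE_CORRUPT_ROOT, SAMPLE_OOB_LEVEL };
    const char *names[] = { "healthy", "empty-at-level-1", "empty-at-level-2", "level-out-of-range" };

    for (int i = 0; i < 4; i++) {
        printf("%-20s before-fix: %s  after-fix: %s\n", names[i],
               check_root_before_fix(samples[i]) ? "rejected" : "accepted",
               check_root_after_fix(samples[i])  ? "rejected" : "accepted");
    }
    return 0;
}
```

Running the model prints that only the "empty-at-level-2" header changes verdict between the two checks: the bounds-only version accepts it, the hardened version rejects it, while a legitimately empty level-1 root is still accepted. That is the property a filesystem metadata validator should have: reject structurally impossible combinations when the data is read from untrusted storage, not when a later operation trips over them.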
Source: This report was generated using AI