CVE-2024-47701: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-47701 affects the Linux kernel's ext4 filesystem implementation. The vulnerability was discovered when looking up for an entry in an inlined directory, where if e_value_offs is changed underneath the filesystem by some change in the block device, it leads to an out-of-bounds access that KASAN detects as a use-after-free condition. The issue affects Linux kernel versions from 3.8 up to versions before 5.10.227, 5.15.168, 6.1.113, 6.6.54, and 6.11.2 (NVD).

The vulnerability occurs in the ext4_find_inline_entry function within the ext4 filesystem code. When processing inlined directory entries, the code fails to properly validate xattr changes that occur underneath the filesystem, leading to an out-of-bounds memory access. The issue has been assigned a CVSS v3.1 base score of 7.8 (High), with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The vulnerability is classified as CWE-416: Use After Free (NVD).

The vulnerability could allow an attacker to cause a denial of service (system crash) or potentially execute arbitrary code through an out-of-bounds memory access. The issue affects the core filesystem functionality, potentially compromising system stability and security (NVD).

The vulnerability has been fixed by adding a validation check using ext4_xattr_ibody_find right after reading the inode with ext4_get_inode_loc. This ensures proper validation of xattrs before processing. The fix has been implemented in multiple kernel versions through backported patches. Users should update to patched kernel versions: 5.10.227 or later, 5.15.168 or later, 6.1.113 or later, 6.6.54 or later, or 6.11.2 or later (Kernel Patch).