CVE-2024-50247: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-50247 is a vulnerability discovered in the Linux kernel's NTFS3 filesystem implementation. The issue was identified in the file system's chunk decompression functionality, where an incorrectly formatted chunk may decompress into more than LZNTCHUNKSIZE bytes, leading to an index out of bounds condition in smaxoff. The vulnerability was disclosed on November 9, 2024, affecting multiple versions of the Linux kernel (NVD).

The vulnerability is classified as an Out-of-bounds Read (CWE-125) with a CVSS v3.1 Base Score of 7.1 (HIGH). The attack vector is local (AV:L), with low attack complexity (AC:L) and requiring low privileges (PR:L). The vulnerability requires no user interaction (UI:N) and can affect system integrity and availability (C:N/I:H/A:H). The issue specifically occurs in the NTFS3 filesystem's LZNT compression handling, where malformed input can cause the decompression routine to write beyond the intended chunk size boundary (NVD).

The vulnerability can lead to system integrity and availability compromise through an out-of-bounds read condition. This could potentially allow an attacker with local access to cause system instability or potentially execute arbitrary code within the kernel context (NVD).

The vulnerability has been patched in various Linux kernel versions. The fix involves adding a check to ensure that the number of bytes written during decompression does not exceed LZNTCHUNKSIZE. Updated kernel versions include 5.15.171, 6.1.116, 6.6.60, and 6.11.7. Users are advised to update to these or later versions (Kernel Patch).