DEBIAN-CVE-2024-56570

DEBIAN-CVE-2024-56570 PUBLISHED CVSS 7.800000190734863 HIGH

In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovl_dentry_weird() function to prevent the processing of directory inodes that lack the lookup function. This is important because such inodes can cause errors in overlayfs when passed to the lowerstack.

Risk Scores

CVSS 3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Debian:12	linux	6.1.38-3, 6.1.90-1, 6.1.90-1~bpo11+1
Debian:11	linux-6.1	6.1.112-1, 6.1.106-3, 6.1.119-1
Debian:11	linux	5.10.205-1, 5.10.205-2, 5.10.209-1
Debian:13	linux	0, 0
Debian:14	linux	0, 0

Exploit Intelligence

USN-7389-1.json (github-poc)

Timeline

Dec 27, 2024 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2024-56570 advisory

Open in Interactive Console →