{"id":"CVE-2024-26981","summary":"nilfs2: fix OOB in nilfs_set_de_type","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix OOB in nilfs_set_de_type\n\nThe size of the nilfs_type_by_mode array in the fs/nilfs2/dir.c file is\ndefined as \"S_IFMT \u003e\u003e S_SHIFT\", but the nilfs_set_de_type() function,\nwhich uses this array, specifies the index to read from the array in the\nsame way as \"(mode & S_IFMT) \u003e\u003e S_SHIFT\".\n\nstatic void nilfs_set_de_type(struct nilfs_dir_entry *de, struct inode\n *inode)\n{\n\tumode_t mode = inode-\u003ei_mode;\n\n\tde-\u003efile_type = nilfs_type_by_mode[(mode & S_IFMT)\u003e\u003eS_SHIFT]; // oob\n}\n\nHowever, when the index is determined this way, an out-of-bounds (OOB)\nerror occurs by referring to an index that is 1 larger than the array size\nwhen the condition \"mode & S_IFMT == S_IFMT\" is satisfied.  Therefore, a\npatch to resize the nilfs_type_by_mode array should be applied to prevent\nOOB errors.","modified":"2026-03-20T12:35:20.280437Z","published":"2024-05-01T05:27:06.469Z","related":["MGASA-2024-0263","MGASA-2024-0266","SUSE-SU-2024:1644-1","SUSE-SU-2024:1659-1","SUSE-SU-2024:1663-1","SUSE-SU-2024:2135-1","SUSE-SU-2024:2203-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26981.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/054f29e9ca05be3906544c5f2a2c7321c30a4243"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2382eae66b196c31893984a538908c3eb7506ff9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7061c7efbb9e8f11ce92d6b4646405ea2b0b4de1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/897ac5306bbeb83e90c437326f7044c79a17c611"},{"type":"WEB","url":"https://git.kernel.org/stable/c/90823f8d9ecca3d5fa6b102c8e464c62f416975f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/90f43980ea6be4ad903e389be9a27a2a0018f1c8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bdbe483da21f852c93b22557b146bc4d989260f0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c4a7dc9523b59b3e73fd522c73e95e072f876b16"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26981.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26981"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"2ba466d74ed74f073257f86e61519cb8f8f46184"},{"fixed":"054f29e9ca05be3906544c5f2a2c7321c30a4243"},{"fixed":"90f43980ea6be4ad903e389be9a27a2a0018f1c8"},{"fixed":"7061c7efbb9e8f11ce92d6b4646405ea2b0b4de1"},{"fixed":"bdbe483da21f852c93b22557b146bc4d989260f0"},{"fixed":"897ac5306bbeb83e90c437326f7044c79a17c611"},{"fixed":"2382eae66b196c31893984a538908c3eb7506ff9"},{"fixed":"90823f8d9ecca3d5fa6b102c8e464c62f416975f"},{"fixed":"c4a7dc9523b59b3e73fd522c73e95e072f876b16"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26981.json"}}],"schema_version":"1.7.5"}