{"id":"CVE-2024-38583","summary":"nilfs2: fix use-after-free of timer for log writer thread","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix use-after-free of timer for log writer thread\n\nPatch series \"nilfs2: fix log writer related issues\".\n\nThis bug fix series covers three nilfs2 log writer-related issues,\nincluding a timer use-after-free issue and potential deadlock issue on\nunmount, and a potential freeze issue in event synchronization found\nduring their analysis.  Details are described in each commit log.\n\n\nThis patch (of 3):\n\nA use-after-free issue has been reported regarding the timer sc_timer on\nthe nilfs_sc_info structure.\n\nThe problem is that even though it is used to wake up a sleeping log\nwriter thread, sc_timer is not shut down until the nilfs_sc_info structure\nis about to be freed, and is used regardless of the thread's lifetime.\n\nFix this issue by limiting the use of sc_timer only while the log writer\nthread is alive.","modified":"2026-04-16T04:33:34.150451187Z","published":"2024-06-19T13:37:39.858Z","related":["SUSE-SU-2024:2372-1","SUSE-SU-2024:2394-1","SUSE-SU-2024:2571-1","SUSE-SU-2024:2896-1","SUSE-SU-2024:2939-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38583.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/2f12b2c03c5dae1a0de0a9e5853177e3d6eee3c6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/67fa90d4a2ccd9ebb0e1e168c7d0b5d0cf3c7148"},{"type":"WEB","url":"https://git.kernel.org/stable/c/68e738be5c518fc3c4e9146b66f67c8fee0135fb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/822ae5a8eac30478578a75f7e064f0584931bf2d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/82933c84f188dcfe89eb26b0b48ab5d1ca99d164"},{"type":"WEB","url":"https://git.kernel.org/stable/c/86a30d6302deddb9fb97ba6fc4b04d0e870b582a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e65ccf3a4de4f0c763d94789615b83e11f204438"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f5d4e04634c9cf68bdf23de08ada0bb92e8befe7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f9186bba4ea282b07293c1c892441df3a5441cb0"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38583.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38583"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"fdce895ea5dd4e24edf1f4d693827349a4e5b3b4"},{"fixed":"822ae5a8eac30478578a75f7e064f0584931bf2d"},{"fixed":"82933c84f188dcfe89eb26b0b48ab5d1ca99d164"},{"fixed":"67fa90d4a2ccd9ebb0e1e168c7d0b5d0cf3c7148"},{"fixed":"e65ccf3a4de4f0c763d94789615b83e11f204438"},{"fixed":"86a30d6302deddb9fb97ba6fc4b04d0e870b582a"},{"fixed":"f9186bba4ea282b07293c1c892441df3a5441cb0"},{"fixed":"2f12b2c03c5dae1a0de0a9e5853177e3d6eee3c6"},{"fixed":"68e738be5c518fc3c4e9146b66f67c8fee0135fb"},{"fixed":"f5d4e04634c9cf68bdf23de08ada0bb92e8befe7"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-38583.json"}}],"schema_version":"1.7.5"}