{"id":"CVE-2024-41086","summary":"bcachefs: Fix sb_field_downgrade validation","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nbcachefs: Fix sb_field_downgrade validation\n\n- bch2_sb_downgrade_validate() wasn't checking for a downgrade entry\n  extending past the end of the superblock section\n\n- for_each_downgrade_entry() is used in to_text() and needs to work on\n  malformed input; it also was missing a check for a field extending\n  past the end of the section","modified":"2026-04-02T12:17:25.585927Z","published":"2024-07-29T15:48:02.175Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/41xxx/CVE-2024-41086.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/692aa7a54b2b28d59f24b3bf8250837805484b99"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bf920ed92ef24dcd6970c88881cd4700b3acf05b"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/41xxx/CVE-2024-41086.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-41086"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"84f1638795da1ff2084597de4251e9054f1ad728"},{"fixed":"bf920ed92ef24dcd6970c88881cd4700b3acf05b"},{"fixed":"692aa7a54b2b28d59f24b3bf8250837805484b99"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-41086.json"}}],"schema_version":"1.7.5"}