[SRU][F/J][PATCH 0/2] CVE-2024-39494
Juerg Haefliger
juerg.haefliger at canonical.com
Tue Aug 27 10:13:51 UTC 2024
https://ubuntu.com/security/CVE-2024-39494
[ Impact ]
Potential use-after-free if IMA is enabled and measured files are renamed.
[ Test Case ]
Enabled IMA and verified that (some) measurements were taken without
catastrophic results. Note that not all of the modified (crucial) paths
were taken (don't know how to force the exact condition).
[ Where Problems Could Occur ]
Problems might show up if IMA is enabled (via a kernel commandline option)
and the kernel collects hashes of files or performs other IMA related operations.
There are also minor modifications of generic fs routines so any filesystem
operation could cause issues.
More information about the kernel-team
mailing list