CVE & CISA-KEV Catalog

CVE-2024-57895

MEDIUM
5.5
CVSS v3
NVD

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: set ATTR_CTIME flags when setting mtime David reported that the new warning from setattr_copy_mgtime is coming like the following. [ 113.215316] ------------[ cut here ]------------ [ 113.215974] WARNING: CPU: 1 PID: 31 at fs/attr.c:300 setattr_copy+0x1ee/0x200 [ 113.219192] CPU: 1 UID: 0 PID: 31 Comm: kworker/1:1 Not tainted 6.13.0-rc1+ #234 [ 113.220127] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014 [ 113.221530] Workqueue: ksmbd-io handle_ksmbd_work [ksmbd] [ 113.222220] RIP: 0010:setattr_copy+0x1ee/0x200 [ 113.222833] Code: 24 28 49 8b 44 24 30 48 89 53 58 89 43 6c 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 48 89 df e8 77 d6 ff ff e9 cd fe ff ff <0f> 0b e9 be fe ff ff 66 0 [ 113.225110] RSP: 0018:ffffaf218010fb68 EFLAGS: 00010202 [ 113.225765] RAX: 0000000000000120 RBX: ffffa446815f8568 RCX: 0000000000000003 [ 113.226667] RDX: ffffaf218010fd38 RSI: ffffa446815f8568 RDI: ffffffff94eb03a0 [ 113.227531] RBP: ffffaf218010fb90 R08: 0000001a251e217d R09: 00000000675259fa [ 113.228426] R10: 0000000002ba8a6d R11: ffffa4468196c7a8 R12: ffffaf218010fd38 [ 113.229304] R13: 0000000000000120 R14: ffffffff94eb03a0 R15: 0000000000000000 [ 113.230210] FS: 0000000000000000(0000) GS:ffffa44739d00000(0000) knlGS:0000000000000000 [ 113.231215] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.232055] CR2: 00007efe0053d27e CR3: 000000000331a000 CR4: 00000000000006b0 [ 113.232926] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 113.233812] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 113.234797] Call Trace: [ 113.235116] <TASK> [ 113.235393] ? __warn+0x73/0xd0 [ 113.235802] ? setattr_copy+0x1ee/0x200 [ 113.236299] ? report_bug+0xf3/0x1e0 [ 113.236757] ? handle_bug+0x4d/0x90 [ 113.237202] ? exc_invalid_op+0x13/0x60 [ 113.237689] ? asm_exc_invalid_op+0x16/0x20 [ 113.238185] ? setattr_copy+0x1ee/0x200 [ 113.238692] btrfs_setattr+0x80/0x820 [btrfs] [ 113.239285] ? get_stack_info_noinstr+0x12/0xf0 [ 113.239857] ? __module_address+0x22/0xa0 [ 113.240368] ? handle_ksmbd_work+0x6e/0x460 [ksmbd] [ 113.240993] ? __module_text_address+0x9/0x50 [ 113.241545] ? __module_address+0x22/0xa0 [ 113.242033] ? unwind_next_frame+0x10e/0x920 [ 113.242600] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 113.243268] notify_change+0x2c2/0x4e0 [ 113.243746] ? stack_depot_save_flags+0x27/0x730 [ 113.244339] ? set_file_basic_info+0x130/0x2b0 [ksmbd] [ 113.244993] set_file_basic_info+0x130/0x2b0 [ksmbd] [ 113.245613] ? process_scheduled_works+0xbe/0x310 [ 113.246181] ? worker_thread+0x100/0x240 [ 113.246696] ? kthread+0xc8/0x100 [ 113.247126] ? ret_from_fork+0x2b/0x40 [ 113.247606] ? ret_from_fork_asm+0x1a/0x30 [ 113.248132] smb2_set_info+0x63f/0xa70 [ksmbd] ksmbd is trying to set the atime and mtime via notify_change without also setting the ctime. so This patch add ATTR_CTIME flags when setting mtime to avoid a warning.

How to fix

Remediation Available
linuxDebian
Fixed in:6.1.164-1CVE-2024-57895
Fixed in:6.12.9-1CVE-2024-57895
Fixed in:6.12.9-1CVE-2024-57895
linuxUbuntu
Fixed in:6.8.0-60.63USN-7513-1
linux-awsUbuntu
Fixed in:6.8.0-1029.31USN-7513-1
linux-aws-6.8Ubuntu
Fixed in:6.8.0-1029.31~22.04.1USN-7513-1
linux-azureUbuntu
Fixed in:6.8.0-1029.34USN-7513-3
linux-azure-6.8Ubuntu
Fixed in:6.8.0-1029.34~22.04.1USN-7513-3
linux-azure-nvidiaUbuntu
Fixed in:6.8.0-1016.17USN-7522-1
linux-gcpUbuntu
Fixed in:6.8.0-1030.32USN-7515-2
linux-gcp-6.8Ubuntu
Fixed in:6.8.0-1030.32~22.04.1USN-7515-2
linux-gkeUbuntu
Fixed in:6.8.0-1025.29USN-7515-1
linux-gkeopUbuntu
Fixed in:6.8.0-1012.14USN-7515-2
linux-hwe-6.11Ubuntu
Fixed in:6.11.0-21.21~24.04.1USN-7379-1
linux-hwe-6.8Ubuntu
Fixed in:6.8.0-60.63~22.04.1USN-7513-4
linux-ibmUbuntu
Fixed in:6.8.0-1026.26USN-7513-1
linux-image-6.11.0-1011-lowlatencyUbuntu
Fixed in:6.11.0-1011.12~24.04.1USN-7381-1
linux-image-6.11.0-1011-lowlatency-64kUbuntu
Fixed in:6.11.0-1011.12~24.04.1USN-7381-1
linux-image-6.11.0-1017-oemUbuntu
Fixed in:6.11.0-1017.17USN-7382-1
linux-image-6.11.0-21-genericUbuntu
Fixed in:6.11.0-21.21~24.04.1+1USN-7379-1
linux-image-6.11.0-21-generic-64kUbuntu
Fixed in:6.11.0-21.21~24.04.1+1USN-7379-1
linux-image-6.8.0-1012-gkeopUbuntu
Fixed in:6.8.0-1012.14USN-7515-2
linux-image-6.8.0-1016-azure-nvidiaUbuntu
Fixed in:6.8.0-1016.17USN-7522-1
linux-image-6.8.0-1025-gkeUbuntu
Fixed in:6.8.0-1025.29USN-7515-1
linux-image-6.8.0-1026-ibmUbuntu
Fixed in:6.8.0-1026.26USN-7513-1
linux-image-6.8.0-1026-oracleUbuntu
Fixed in:6.8.0-1026.27~22.04.1USN-7513-5
Fixed in:6.8.0-1026.27USN-7513-1
linux-image-6.8.0-1026-oracle-64kUbuntu
Fixed in:6.8.0-1026.27~22.04.1USN-7513-5
Fixed in:6.8.0-1026.27USN-7513-1
linux-image-6.8.0-1028-nvidiaUbuntu
Fixed in:6.8.0-1028.31~22.04.1USN-7514-1
Fixed in:6.8.0-1028.31USN-7514-1
linux-image-6.8.0-1028-nvidia-64kUbuntu
Fixed in:6.8.0-1028.31~22.04.1USN-7514-1
Fixed in:6.8.0-1028.31USN-7514-1
linux-image-6.8.0-1028-nvidia-lowlatencyUbuntu
Fixed in:6.8.0-1028.31.1USN-7514-1
linux-image-6.8.0-1028-nvidia-lowlatency-64kUbuntu
Fixed in:6.8.0-1028.31.1USN-7514-1
linux-image-6.8.0-1028-oemUbuntu
Fixed in:6.8.0-1028.28USN-7513-3
linux-image-6.8.0-1028-raspiUbuntu
Fixed in:6.8.0-1028.32USN-7524-1
linux-image-6.8.0-1029-awsUbuntu
Fixed in:6.8.0-1029.31~22.04.1USN-7513-1
Fixed in:6.8.0-1029.31USN-7513-1
linux-image-6.8.0-1029-azureUbuntu
Fixed in:6.8.0-1029.34~22.04.1USN-7513-3
Fixed in:6.8.0-1029.34USN-7513-3
linux-image-6.8.0-1029-azure-fdeUbuntu
Fixed in:6.8.0-1029.34~22.04.1USN-7513-3
Fixed in:6.8.0-1029.34USN-7513-3
linux-image-6.8.0-1030-gcpUbuntu
Fixed in:6.8.0-1030.32~22.04.1USN-7515-2
Fixed in:6.8.0-1030.32USN-7515-2
linux-image-6.8.0-1030-gcp-64kUbuntu
Fixed in:6.8.0-1030.32~22.04.1USN-7515-2
Fixed in:6.8.0-1030.32USN-7515-2
linux-image-6.8.0-2023-raspi-realtimeUbuntu
Fixed in:6.8.0-2023.24USN-7523-1
linux-image-6.8.0-60-genericUbuntu
Fixed in:6.8.0-60.63~22.04.1USN-7513-4
Fixed in:6.8.0-60.63USN-7513-1
linux-image-6.8.0-60-generic-64kUbuntu
Fixed in:6.8.0-60.63~22.04.1USN-7513-4
Fixed in:6.8.0-60.63USN-7513-1
linux-image-6.8.0-60-lowlatencyUbuntu
Fixed in:6.8.0-60.63.1~22.04.1USN-7513-1
Fixed in:6.8.0-60.63.1USN-7513-1
linux-image-6.8.0-60-lowlatency-64kUbuntu
Fixed in:6.8.0-60.63.1~22.04.1USN-7513-1
Fixed in:6.8.0-60.63.1USN-7513-1
linux-image-6.8.1-1022-realtimeUbuntu
Fixed in:6.8.1-1022.23USN-7513-2
linux-image-awsUbuntu
Fixed in:6.8.0-1029.31~22.04.1USN-7513-1
Fixed in:6.8.0-1029.31USN-7513-1
linux-image-aws-lts-24.04Ubuntu
Fixed in:6.8.0-1029.31USN-7513-1
linux-image-azureUbuntu
Fixed in:6.8.0-1029.34~22.04.1USN-7513-3
linux-image-azure-fdeUbuntu
Fixed in:6.8.0-1029.34~22.04.1USN-7513-3
linux-image-azure-fde-lts-24.04Ubuntu
Fixed in:6.8.0-1029.34USN-7513-3
linux-image-azure-lts-24.04Ubuntu
Fixed in:6.8.0-1029.34USN-7513-3
linux-image-azure-nvidiaUbuntu
Fixed in:6.8.0-1016.17USN-7522-1
linux-image-gcpUbuntu
Fixed in:6.8.0-1030.32~22.04.1USN-7515-2
linux-image-gcp-64kUbuntu
Fixed in:6.8.0-1030.32~22.04.1USN-7515-2
linux-image-gcp-64k-lts-24.04Ubuntu
Fixed in:6.8.0-1030.32USN-7515-2
linux-image-gcp-lts-24.04Ubuntu
Fixed in:6.8.0-1030.32USN-7515-2
linux-image-genericUbuntu
Fixed in:6.8.0-60.63USN-7513-1
linux-image-generic-64kUbuntu
Fixed in:6.8.0-60.63USN-7513-1
linux-image-generic-64k-hwe-22.04Ubuntu
Fixed in:6.8.0-60.63~22.04.1USN-7513-4
linux-image-generic-64k-hwe-24.04Ubuntu
Fixed in:6.11.0-21.21~24.04.1USN-7379-1
linux-image-generic-hwe-22.04Ubuntu
Fixed in:6.8.0-60.63~22.04.1USN-7513-4
linux-image-generic-hwe-24.04Ubuntu
Fixed in:6.11.0-21.21~24.04.1USN-7379-1
linux-image-generic-lpaeUbuntu
Fixed in:6.8.0-60.63USN-7513-1
linux-image-gkeUbuntu
Fixed in:6.8.0-1025.29USN-7515-1
linux-image-gkeopUbuntu
Fixed in:6.8.0-1012.14USN-7515-2
linux-image-gkeop-6.8Ubuntu
Fixed in:6.8.0-1012.14USN-7515-2
linux-image-ibmUbuntu
Fixed in:6.8.0-1026.26USN-7513-1
linux-image-ibm-classicUbuntu
Fixed in:6.8.0-1026.26USN-7513-1
linux-image-ibm-lts-24.04Ubuntu
Fixed in:6.8.0-1026.26USN-7513-1
linux-image-kvmUbuntu
Fixed in:6.8.0-60.63USN-7513-1
linux-image-lowlatencyUbuntu
Fixed in:6.8.0-60.63.1USN-7513-1
linux-image-lowlatency-64kUbuntu
Fixed in:6.8.0-60.63.1USN-7513-1
linux-image-lowlatency-64k-hwe-22.04Ubuntu
Fixed in:6.8.0-60.63.1~22.04.1USN-7513-1
linux-image-lowlatency-64k-hwe-24.04Ubuntu
Fixed in:6.11.0-1011.12~24.04.1USN-7381-1
linux-image-lowlatency-hwe-22.04Ubuntu
Fixed in:6.8.0-60.63.1~22.04.1USN-7513-1
linux-image-lowlatency-hwe-24.04Ubuntu
Fixed in:6.11.0-1011.12~24.04.1USN-7381-1
linux-image-nvidiaUbuntu
Fixed in:6.8.0-1028.31USN-7514-1
linux-image-nvidia-6.8Ubuntu
Fixed in:6.8.0-1028.31~22.04.1USN-7514-1
linux-image-nvidia-64kUbuntu
Fixed in:6.8.0-1028.31USN-7514-1
linux-image-nvidia-64k-6.8Ubuntu
Fixed in:6.8.0-1028.31~22.04.1USN-7514-1
linux-image-nvidia-64k-hwe-22.04Ubuntu
Fixed in:6.8.0-1028.31~22.04.1USN-7514-1
linux-image-nvidia-hwe-22.04Ubuntu
Fixed in:6.8.0-1028.31~22.04.1USN-7514-1
linux-image-nvidia-lowlatencyUbuntu
Fixed in:6.8.0-1028.31.1USN-7514-1
linux-image-nvidia-lowlatency-64kUbuntu
Fixed in:6.8.0-1028.31.1USN-7514-1
linux-image-oem-22.04Ubuntu
Fixed in:6.8.0-60.63~22.04.1USN-7513-4
linux-image-oem-22.04aUbuntu
Fixed in:6.8.0-60.63~22.04.1USN-7513-4
linux-image-oem-22.04bUbuntu
Fixed in:6.8.0-60.63~22.04.1USN-7513-4
linux-image-oem-22.04cUbuntu
Fixed in:6.8.0-60.63~22.04.1USN-7513-4
linux-image-oem-22.04dUbuntu
Fixed in:6.8.0-60.63~22.04.1USN-7513-4
linux-image-oem-24.04Ubuntu
Fixed in:6.8.0-1028.28USN-7513-3
linux-image-oem-24.04aUbuntu
Fixed in:6.8.0-1028.28USN-7513-3
linux-image-oem-24.04bUbuntu
Fixed in:6.11.0-1017.17USN-7382-1
linux-image-oracleUbuntu
Fixed in:6.8.0-1026.27~22.04.1USN-7513-5
Fixed in:6.8.0-1026.27USN-7513-1
linux-image-oracle-64kUbuntu
Fixed in:6.8.0-1026.27~22.04.1USN-7513-5
Fixed in:6.8.0-1026.27USN-7513-1
linux-image-oracle-64k-lts-24.04Ubuntu
Fixed in:6.8.0-1026.27USN-7513-1
linux-image-oracle-lts-24.04Ubuntu
Fixed in:6.8.0-1026.27USN-7513-1
linux-image-raspiUbuntu
Fixed in:6.8.0-1028.32USN-7524-1
linux-image-raspi-realtimeUbuntu
Fixed in:6.8.0-2023.24USN-7523-1
linux-image-realtimeUbuntu
Fixed in:6.8.1-1022.23USN-7513-2
linux-image-virtualUbuntu
Fixed in:6.8.0-60.63USN-7513-1
linux-image-virtual-hwe-22.04Ubuntu
Fixed in:6.8.0-60.63~22.04.1USN-7513-4
linux-image-virtual-hwe-24.04Ubuntu
Fixed in:6.11.0-21.21~24.04.1USN-7379-1
linux-lowlatencyUbuntu
Fixed in:6.8.0-60.63.1USN-7513-1
linux-lowlatency-hwe-6.11Ubuntu
Fixed in:6.11.0-1011.12~24.04.1USN-7381-1
linux-lowlatency-hwe-6.8Ubuntu
Fixed in:6.8.0-60.63.1~22.04.1USN-7513-1
linux-nvidiaUbuntu
Fixed in:6.8.0-1028.31USN-7514-1
linux-nvidia-6.8Ubuntu
Fixed in:6.8.0-1028.31~22.04.1USN-7514-1
linux-nvidia-lowlatencyUbuntu
Fixed in:6.8.0-1028.31.1USN-7514-1
linux-oem-6.11Ubuntu
Fixed in:6.11.0-1017.17USN-7382-1
linux-oem-6.8Ubuntu
Fixed in:6.8.0-1028.28USN-7513-3
linux-oracleUbuntu
Fixed in:6.8.0-1026.27USN-7513-1
linux-oracle-6.8Ubuntu
Fixed in:6.8.0-1026.27~22.04.1USN-7513-5
linux-raspiUbuntu
Fixed in:6.8.0-1028.32USN-7524-1
linux-raspi-realtimeUbuntu
Fixed in:6.8.0-2023.24USN-7523-1
linux-realtimeUbuntu
Fixed in:6.8.1-1022.23USN-7513-2

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityNone
IntegrityNone
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploit Intelligence

0.20%probability of exploitation in 30 days
10thpercentile

Low risk: more likely to be exploited than 10% of all known CVEs.

References

Embed a live status badge for CVE-2024-57895
CVE-2024-57895 severity badge

Markdown

[![CVE-2024-57895](https://tridentstack.com/cve/badge/CVE-2024-57895.svg)](https://tridentstack.com/cve/CVE-2024-57895)

HTML

<a href="https://tridentstack.com/cve/CVE-2024-57895"><img src="https://tridentstack.com/cve/badge/CVE-2024-57895.svg" alt="CVE-2024-57895"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-04-06.