VYPR
← All advisories
Medium severity5.5NVD Advisory· Published Oct 21, 2024· Updated May 12, 2026

CVE-2024-50015

CVE-2024-50015

Description

In the Linux kernel, the following vulnerability has been resolved:

ext4: dax: fix overflowing extents beyond inode size when partially writing

The dax_iomap_rw() does two things in each iteration: map written blocks and copy user data to blocks. If the process is killed by user(See signal handling in dax_iomap_iter()), the copied data will be returned and added on inode size, which means that the length of written extents may exceed the inode size, then fsck will fail. An example is given as:

dd if=/dev/urandom of=file bs=4M count=1 dax_iomap_rw iomap_iter // round 1 ext4_iomap_begin ext4_iomap_alloc // allocate 0~2M extents(written flag) dax_iomap_iter // copy 2M data iomap_iter // round 2 iomap_iter_advance iter->pos += iter->processed // iter->pos = 2M ext4_iomap_begin ext4_iomap_alloc // allocate 2~4M extents(written flag) dax_iomap_iter fatal_signal_pending done = iter->pos - iocb->ki_pos // done = 2M ext4_handle_inode_extension ext4_update_inode_size // inode size = 2M

fsck reports: Inode 13, i_size is 2097152, should be 4194304. Fix?

Fix the problem by truncating extents if the written length is smaller than expected.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

In the Linux kernel, a bug in ext4's DAX path can cause overflowing extents beyond inode size when a write is interrupted by a signal, leading to fsck inconsistency.

Vulnerability

Overview

CVE-2024-50015 is a medium-severity vulnerability in the Linux kernel's ext4 filesystem when using DAX (Direct Access) mode. The issue resides in dax_iomap_rw, which maps blocks and copies user data in iterations. If the process is killed by a user signal during the copy operation (as handled in dax_iomap_iter), the partial copied data is still returned and added to the inode size. This can cause the length of written extents to exceed the inode size, leading to filesystem inconsistency detected by fsck [description].

Attack

Vector and Prerequisites

Exploitation requires local access with the ability to trigger a signal delivery (e.g., via kill or pressing Ctrl+C) while a DAX write operation is in progress on an ext4 filesystem. The attacker must have write permissions to the file and the capability to send signals to the writing process. No network-based attack vector exists; the CVSS v3.1 base score is 5.5, with a local attack vector, low complexity, and low privileges required [description].

Impact

If successfully triggered, the vulnerability results in a discrepancy between the allocated extents and the inode size. This does not directly lead to data corruption or privilege escalation, but it causes fsck to report errors and may require filesystem repair. The availability impact is low, as the system remains operational but the filesystem inconsistency must be resolved manually. The CWE classification is CWE-20 (Improper Input Validation) [description].

Mitigation

The fix, committed in Linux kernel stable branches, truncates extents if the written length is smaller than expected, preventing the overflow [3][4]. Users should apply the kernel update containing the commit for their distribution. There is no workaround mentioned in the references; the vulnerability is fixed in updated kernels.

References
  1. Making sure you're not a bot!
  2. Making sure you're not a bot!

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

73

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

11

News mentions

0

No linked articles in our index yet.