### [CVE-2024-56619](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56619)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=2ba466d74ed74f073257f86e61519cb8f8f46184%3C%2009d6d05579fd46e61abf6e457bb100ff11f3a9d3%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()

Syzbot reported that when searching for records in a directory where the inode's i_size is corrupted and has a large value, memory access outside the folio/page range may occur, or a use-after-free bug may be detected if KASAN is enabled.

This is because nilfs_last_byte(), which is called by nilfs_find_entry() and others to calculate the number of valid bytes of directory data in a page from i_size and the page index, loses the upper 32 bits of the 64-bit size information due to an inappropriate type of local variable to which the i_size value is assigned.

This caused a large byte offset value due to underflow in the end address calculation in the calling nilfs_find_entry(), resulting in memory access that exceeds the folio/page size.

Fix this issue by changing the type of the local variable causing the bit loss from "unsigned int" to "u64". The return value of nilfs_last_byte() is also of type "unsigned int", but it is truncated so as not to exceed PAGE_SIZE and no bit loss occurs, so no change is required.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/cku-heise/euvd-api-doc
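
A userspace model of the type truncation the Description attributes to nilfs_last_byte(), added here as an illustration and not taken from the kernel source. The function names, the 4 KiB page size, the sample i_size and the record length are assumptions chosen to show how the lost upper 32 bits turn into a wrapped end offset, and how a 64-bit local avoids it.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12                    /* assumption: 4 KiB pages */
#define PAGE_SIZE  (1UL << PAGE_SHIFT)

/* Pre-fix shape: the 64-bit size lands in a 32-bit "unsigned int" local. */
static unsigned int last_byte_truncating(uint64_t i_size, unsigned long page_nr)
{
    unsigned int last_byte = (unsigned int)i_size;   /* upper 32 bits lost */

    last_byte -= (unsigned int)(page_nr << PAGE_SHIFT);
    if (last_byte > PAGE_SIZE)
        last_byte = PAGE_SIZE;
    return last_byte;
}

/* Post-fix shape: 64-bit local; the result is clamped to PAGE_SIZE. */
static unsigned int last_byte_fixed(uint64_t i_size, unsigned long page_nr)
{
    uint64_t last_byte = i_size;

    last_byte -= (uint64_t)page_nr << PAGE_SHIFT;
    if (last_byte > PAGE_SIZE)
        last_byte = PAGE_SIZE;
    return (unsigned int)last_byte;      /* safe: value is <= PAGE_SIZE */
}

/* Model of the caller's end-offset calculation for a record scan. */
static unsigned int scan_end_offset(unsigned int last_byte, unsigned int reclen)
{
    return last_byte - reclen;           /* wraps when last_byte < reclen */
}

int main(void)
{
    uint64_t corrupted = 1ULL << 32;     /* constructed: corrupted i_size of 4 GiB */
    unsigned int reclen = 12;            /* constructed record length */
    unsigned int before = last_byte_truncating(corrupted, 0);
    unsigned int after = last_byte_fixed(corrupted, 0);

    printf("truncating: last_byte=%u end=%#x\n", before, scan_end_offset(before, reclen));
    printf("fixed:      last_byte=%u end=%#x\n", after, scan_end_offset(after, reclen));
    return 0;
}
```

For a sane i_size the two variants agree; they diverge only once i_size no longer fits in 32 bits, which is why the defect surfaces on a corrupted inode.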