### [CVE-2024-49966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49966)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=171bf93ce11f4c9929fdce6ce63df8da2f3c4475%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.6.29%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

In the Linux kernel, the following vulnerability has been resolved:ocfs2: cancel dqi_sync_work before freeing oinfoocfs2_global_read_info() will initialize and schedule dqi_sync_work at theend, if error occurs after successfully reading global quota, it willtrigger the following warning with CONFIG_DEBUG_OBJECTS_* enabled:ODEBUG: free active (active state 0) object: 00000000d8b0ce28 object type: timer_list hint: qsync_work_fn+0x0/0x16cThis reports that there is an active delayed work when freeing oinfo inerror handling, so cancel dqi_sync_work first.  BTW, return status insteadof -1 when .read_file_info fails.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/w4zu/Debian_security