NVD Vulnerability Detail

CVE-2024-47660

Summary	In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENT_WATCHED flags lazily In some setups directories can have many (usually negative) dentries. Hence __fsnotify_update_child_dentry_flags() function can take a significant amount of time. Since the bulk of this function happens under inode->i_lock this causes a significant contention on the lock when we remove the watch from the directory as the __fsnotify_update_child_dentry_flags() call from fsnotify_recalc_mask() races with __fsnotify_update_child_dentry_flags() calls from __fsnotify_parent() happening on children. This can lead upto softlockup reports reported by users. Fix the problem by calling fsnotify_update_children_dentry_flags() to set PARENT_WATCHED flags only when parent starts watching children. When parent stops watching children, clear false positive PARENT_WATCHED flags lazily in __fsnotify_parent() for each accessed child.
Publication Date	Oct. 9, 2024, 11:15 p.m.
Registration Date	Oct. 10, 2024, 5 a.m.
Last Update	Oct. 24, 2024, 2 a.m.

Affected software configurations

Related information, measures and tools

No	URL	タグ
1	https://git.kernel.org/stable/c/3f3ef1d9f66b93913ce2171120d9226b55acd41d	Patch
2	https://git.kernel.org/stable/c/f9a48bc3dd9099935751458a5bbbea4b7c28abc8	Patch
3	https://git.kernel.org/stable/c/d8c42405fc3507cc43ba7e4986a773c3fc633f6e	Patch
4	https://git.kernel.org/stable/c/fc1b1e135c3f72382f792e6c319fc088d5523ad5	Patch
5	https://git.kernel.org/stable/c/7ef1d2e240c32b1f337a37232d037b07e3919e1a	Patch
6	https://git.kernel.org/stable/c/172e422ffea20a89bfdc672741c1aad6fbb5044e	Patch

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-362	競合状態	https://cwe.mitre.org/data/definitions/362.html

JVN Vulnerability Information

Linux の Linux Kernel における競合状態に関する脆弱性

Title	Linux の Linux Kernel における競合状態に関する脆弱性
Summary	Linux の Linux Kernel には、競合状態に関する脆弱性が存在します。
Possible impacts	サービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	June 5, 2024, midnight
Registration Date	Oct. 29, 2024, 11:05 a.m.
Last Update	Sept. 9, 2025, 10:24 a.m.

Affected System

Linux

Linux Kernel 5.10.226 未満

Linux Kernel 5.11 以上 5.15.167 未満

Linux Kernel 5.16 以上 6.1.109 未満

Linux Kernel 6.2 以上 6.6.50 未満

Linux Kernel 6.7 以上 6.10.9 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2024-47660	https://www.cve.org/CVERecord?id=CVE-2024-47660
National Vulnerability Database (NVD)
2	CVE-2024-47660	https://nvd.nist.gov/vuln/detail/CVE-2024-47660

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-362	https://jvndb.jvn.jp/ja/cwe/CWE-362.html

ベンダー情報

No	Name	URL
Kernel.org git repositories
1	fsnotify: clear PARENT_WATCHED flags lazily (172e422)	https://git.kernel.org/stable/c/172e422ffea20a89bfdc672741c1aad6fbb5044e
2	fsnotify: clear PARENT_WATCHED flags lazily (3f3ef1d)	https://git.kernel.org/stable/c/3f3ef1d9f66b93913ce2171120d9226b55acd41d
3	fsnotify: clear PARENT_WATCHED flags lazily (7ef1d2e)	https://git.kernel.org/stable/c/7ef1d2e240c32b1f337a37232d037b07e3919e1a
4	fsnotify: clear PARENT_WATCHED flags lazily (d8c4240)	https://git.kernel.org/stable/c/d8c42405fc3507cc43ba7e4986a773c3fc633f6e
5	fsnotify: clear PARENT_WATCHED flags lazily (f9a48bc)	https://git.kernel.org/stable/c/f9a48bc3dd9099935751458a5bbbea4b7c28abc8
6	fsnotify: clear PARENT_WATCHED flags lazily (fc1b1e1)	https://git.kernel.org/stable/c/fc1b1e135c3f72382f792e6c319fc088d5523ad5
Linux Kernel
7	Linux Kernel Archives	https://www.kernel.org

その他

No	Name	URL
ICS-CERT ADVISORY
1	ICSA-25-226-07	https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07
JVN
2	JVNVU#92169998	https://jvn.jp/vu/JVNVU92169998/index.html

Change Log

No	Changed Details	Date of change
1	[2024年10月29日] 掲載	Oct. 29, 2024, 11:05 a.m.
2	[2025年08月19日] 参考情報：JVN (JVNVU#92169998) を追加参考情報：ICS-CERT ADVISORY (ICSA-25-226-07) を追加	Aug. 19, 2025, 11:51 a.m.