CVE-2024-47690

In the Linux kernel, the following vulnerability has been resolved: f2fs: get rid of online repaire on corrupted directory syzbot reports a f2fs bug as below: kernel BUG at fs/f2fs/inode.c:896! RIP: 0010:f2fs_evict_inode+0x1598/0x15c0 fs/f2fs/inode.c:896 Call Trace: evict+0x532/0x950 fs/inode.c:704 dispose_list fs/inode.c:747 [inline] evict_inodes+0x5f9/0x690 fs/inode.c:797 generic_shutdown_super+0x9d/0x2d0 fs/super.c:627 kill_block_super+0x44/0x90 fs/super.c:1696 kill_f2fs_super+0x344/0x690 fs/f2fs/super.c:4898 deactivate_locked_super+0xc4/0x130 fs/super.c:473 cleanup_mnt+0x41f/0x4b0 fs/namespace.c:1373 task_work_run+0x24f/0x310 kernel/task_work.c:228 ptrace_notify+0x2d2/0x380 kernel/signal.c:2402 ptrace_report_syscall include/linux/ptrace.h:415 [inline] ptrace_report_syscall_exit include/linux/ptrace.h:477 [inline] syscall_exit_work+0xc6/0x190 kernel/entry/common.c:173 syscall_exit_to_user_mode_prepare kernel/entry/common.c:200 [inline] __syscall_exit_to_user_mode_work kernel/entry/common.c:205 [inline] syscall_exit_to_user_mode+0x279/0x370 kernel/entry/common.c:218 do_syscall_64+0x100/0x230 arch/x86/entry/common.c:89 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0010:f2fs_evict_inode+0x1598/0x15c0 fs/f2fs/inode.c:896 Online repaire on corrupted directory in f2fs_lookup() can generate dirty data/meta while racing w/ readonly remount, it may leave dirty inode after filesystem becomes readonly, however, checkpoint() will skips flushing dirty inode in a state of readonly mode, result in above panic. Let's get rid of online repaire in f2fs_lookup(), and leave the work to fsck.f2fs.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

23 Oct 2024, 21:25

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CWE NVD-CWE-noinfo
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: f2fs: deshacerse de la reparación en línea en un directorio dañado syzbot informa un error de f2fs como el siguiente: ¡ERROR del kernel en fs/f2fs/inode.c:896! RIP: 0010:f2fs_evict_inode+0x1598/0x15c0 fs/f2fs/inode.c:896 Seguimiento de llamadas: evict+0x532/0x950 fs/inode.c:704 dispose_list fs/inode.c:747 [en línea] evict_inodes+0x5f9/0x690 fs/inode.c:797 generic_shutdown_super+0x9d/0x2d0 fs/super.c:627 kill_block_super+0x44/0x90 fs/super.c:1696 kill_f2fs_super+0x344/0x690 fs/f2fs/super.c:4898 deactivate_locked_super+0xc4/0x130 fs/super.c:473 cleanup_mnt+0x41f/0x4b0 fs/namespace.c:1373 task_work_run+0x24f/0x310 kernel/task_work.c:228 ptrace_notify+0x2d2/0x380 kernel/signal.c:2402 ptrace_report_syscall include/linux/ptrace.h:415 [en línea] ptrace_report_syscall_exit include/linux/ptrace.h:477 [en línea] syscall_exit_work+0xc6/0x190 kernel/entry/common.c:173 syscall_salir_a_modo_usuario_prepare kernel/entry/common.c:200 [en línea] __syscall_salir_a_modo_usuario_work kernel/entry/common.c:205 [en línea] syscall_exit_to_user_mode+0x279/0x370 kernel/entry/common.c:218 do_syscall_64+0x100/0x230 arch/x86/entry/common.c:89 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0010:f2fs_evict_inode+0x1598/0x15c0 fs/f2fs/inode.c:896 La reparación en línea en un directorio dañado en f2fs_lookup() puede generar datos/meta sucios mientras se corre con el remontaje de solo lectura, puede dejar un inodo sucio después de que el sistema de archivos se vuelva de solo lectura, sin embargo, checkpoint() omitirá la limpieza del inodo sucio en un estado de modo de solo lectura, lo que dará como resultado el pánico mencionado anteriormente. Deshagámonos de la reparación en línea en f2fs_lookup() y dejemos el trabajo a fsck.f2fs.
References () https://git.kernel.org/stable/c/884ee6dc85b959bc152f15bca80c30f06069e6c4 - () https://git.kernel.org/stable/c/884ee6dc85b959bc152f15bca80c30f06069e6c4 - Patch
References () https://git.kernel.org/stable/c/8be95cd607478d85fa4626e86f811e785905bcbf - () https://git.kernel.org/stable/c/8be95cd607478d85fa4626e86f811e785905bcbf - Patch
References () https://git.kernel.org/stable/c/bcefd0b0611f35b560d0a7281d87529fbe7a1e32 - () https://git.kernel.org/stable/c/bcefd0b0611f35b560d0a7281d87529fbe7a1e32 - Patch
References () https://git.kernel.org/stable/c/e8d64f598eeb079c42a52deaa3a91312c736a49d - () https://git.kernel.org/stable/c/e8d64f598eeb079c42a52deaa3a91312c736a49d - Patch
References () https://git.kernel.org/stable/c/f4746f2d79507f65cfbde11d3c39ee8338aa50af - () https://git.kernel.org/stable/c/f4746f2d79507f65cfbde11d3c39ee8338aa50af - Patch
References () https://git.kernel.org/stable/c/f9ce2f550d53d044ecfb5ce996406cf42cd6b84d - () https://git.kernel.org/stable/c/f9ce2f550d53d044ecfb5ce996406cf42cd6b84d - Patch
First Time Linux linux Kernel
Linux

21 Oct 2024, 12:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-21 12:15

Updated : 2024-10-23 21:25


NVD link : CVE-2024-47690

Mitre link : CVE-2024-47690

CVE.ORG link : CVE-2024-47690


JSON object : View

Products Affected

linux

  • linux_kernel