CVE-2024-26590
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
erofs: fix inconsistent per-file compression format
EROFS can select compression algorithms on a per-file basis, and each per-file compression algorithm needs to be marked in the on-disk superblock for initialization.
However, syzkaller can generate inconsistent crafted images that use
an unsupported algorithmtype for specific inodes, e.g. use MicroLZMA
algorithmtype even it's not set in sbi->available_compr_algs. This
can lead to an unexpected "BUG: kernel NULL pointer dereference" if
the corresponding decompressor isn't built-in.
Fix this by checking against sbi->available_compr_algs for each
m_algorithmformat request. Incorrect !erofs_sb_has_compr_cfgs preset
bitmap is now fixed together since it was harmless previously.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 8f89926290c4b3d31748d5089b27952243be0693 < 47467e04816cb297905c0f09bc2d11ef865942d9 | affected |
| Linux | Linux | 8f89926290c4b3d31748d5089b27952243be0693 < 823ba1d2106019ddf195287ba53057aee33cf724 | affected |
| Linux | Linux | 8f89926290c4b3d31748d5089b27952243be0693 < eed24b816e50c6cd18cbee0ff0d7218c8fced199 | affected |
| Linux | Linux | 8f89926290c4b3d31748d5089b27952243be0693 < 118a8cf504d7dfa519562d000f423ee3ca75d2c4 | affected |
| Linux | Linux | 5.16 | affected |
| Linux | Linux | 0 < 5.16 | unaffected |
| Linux | Linux | 6.1.80 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.14 <= 6.6.* | unaffected |
| Linux | Linux | 6.7.2 <= 6.7.* | unaffected |
| Linux | Linux | 6.8 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/47467e04816cb297905c0f09bc2d11ef865942d9
- https://git.kernel.org/stable/c/823ba1d2106019ddf195287ba53057aee33cf724
- https://git.kernel.org/stable/c/eed24b816e50c6cd18cbee0ff0d7218c8fced199
- https://git.kernel.org/stable/c/118a8cf504d7dfa519562d000f423ee3ca75d2c4
References
- https://git.kernel.org/stable/c/47467e04816cb297905c0f09bc2d11ef865942d9
- https://git.kernel.org/stable/c/823ba1d2106019ddf195287ba53057aee33cf724
- https://git.kernel.org/stable/c/eed24b816e50c6cd18cbee0ff0d7218c8fced199
- https://git.kernel.org/stable/c/118a8cf504d7dfa519562d000f423ee3ca75d2c4
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.