CVE-2024-27032

Summary

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to avoid potential panic during recovery

During recovery, if FAULT_BLOCK is on, it is possible that f2fs_reserve_new_block() will return -ENOSPC during recovery, then it may trigger panic.

Also, if fault injection rate is 1 and only FAULT_BLOCK fault type is on, it may encounter deadloop in loop of block reservation.

Let's change as below to fix these issues:

  • remove bug_on() to avoid panic.
  • limit the loop count of block reservation to avoid potential deadloop.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxb1020a546779139eec5d930e15ce534c1101b89c < fe4de493572a4263554903bf9c3afc5c196e15f0affected
LinuxLinux2a7b12d4705bc308cf18eae2b69ec8db34881cc3 < 8844b2f8a3f0c428b74672f9726f9950b1a7764caffected
LinuxLinuxb29cc6e29b5e6037e1bcd2b2ac67b7d89acd194c < d034810d02a5af8eb74debe29877dcaf5f00fdd1affected
LinuxLinux956fa1ddc132e028f3b7d4cf17e6bfc8cb36c7fd < f26091a981318b5b7451d61f99bc073a6af8db67affected
LinuxLinux956fa1ddc132e028f3b7d4cf17e6bfc8cb36c7fd < 21ec68234826b1b54ab980a8df6e33c74cfbee58affected
LinuxLinuxbc1fb291f36dd1d9d667241d9fe30b835dbb8ee8affected
LinuxLinux9fceaf8182d453639cddb7f4a6877a1e1564de39affected
LinuxLinux80c69f576ff39d6ae8a6e2107da3dc03b533759caffected
LinuxLinuxb4fb0807a1d60f8642a5fd62bd659cd6052eaf97affected
LinuxLinux6.1.77 < 6.1.83affected
LinuxLinux6.6.16 < 6.6.23affected
LinuxLinux6.7.4 < 6.7.11affected
LinuxLinux4.19.307 < 4.20affected
LinuxLinux5.4.269 < 5.5affected
LinuxLinux5.10.210 < 5.11affected
LinuxLinux5.15.149 < 5.16affected
LinuxLinux6.8affected
LinuxLinux0 < 6.8unaffected
LinuxLinux6.1.83 <= 6.1.*unaffected
LinuxLinux6.6.23 <= 6.6.*unaffected
LinuxLinux6.7.11 <= 6.7.*unaffected
LinuxLinux6.8.2 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References