CVE-2024-27032
6.3
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to avoid potential panic during recovery
During recovery, if FAULT_BLOCK is on, it is possible that f2fs_reserve_new_block() will return -ENOSPC during recovery, then it may trigger panic.
Also, if fault injection rate is 1 and only FAULT_BLOCK fault type is on, it may encounter deadloop in loop of block reservation.
Let's change as below to fix these issues:
- remove bug_on() to avoid panic.
- limit the loop count of block reservation to avoid potential deadloop.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | b1020a546779139eec5d930e15ce534c1101b89c < fe4de493572a4263554903bf9c3afc5c196e15f0 | affected |
| Linux | Linux | 2a7b12d4705bc308cf18eae2b69ec8db34881cc3 < 8844b2f8a3f0c428b74672f9726f9950b1a7764c | affected |
| Linux | Linux | b29cc6e29b5e6037e1bcd2b2ac67b7d89acd194c < d034810d02a5af8eb74debe29877dcaf5f00fdd1 | affected |
| Linux | Linux | 956fa1ddc132e028f3b7d4cf17e6bfc8cb36c7fd < f26091a981318b5b7451d61f99bc073a6af8db67 | affected |
| Linux | Linux | 956fa1ddc132e028f3b7d4cf17e6bfc8cb36c7fd < 21ec68234826b1b54ab980a8df6e33c74cfbee58 | affected |
| Linux | Linux | bc1fb291f36dd1d9d667241d9fe30b835dbb8ee8 | affected |
| Linux | Linux | 9fceaf8182d453639cddb7f4a6877a1e1564de39 | affected |
| Linux | Linux | 80c69f576ff39d6ae8a6e2107da3dc03b533759c | affected |
| Linux | Linux | b4fb0807a1d60f8642a5fd62bd659cd6052eaf97 | affected |
| Linux | Linux | 6.1.77 < 6.1.83 | affected |
| Linux | Linux | 6.6.16 < 6.6.23 | affected |
| Linux | Linux | 6.7.4 < 6.7.11 | affected |
| Linux | Linux | 4.19.307 < 4.20 | affected |
| Linux | Linux | 5.4.269 < 5.5 | affected |
| Linux | Linux | 5.10.210 < 5.11 | affected |
| Linux | Linux | 5.15.149 < 5.16 | affected |
| Linux | Linux | 6.8 | affected |
| Linux | Linux | 0 < 6.8 | unaffected |
| Linux | Linux | 6.1.83 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.23 <= 6.6.* | unaffected |
| Linux | Linux | 6.7.11 <= 6.7.* | unaffected |
| Linux | Linux | 6.8.2 <= 6.8.* | unaffected |
| Linux | Linux | 6.9 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/fe4de493572a4263554903bf9c3afc5c196e15f0
- https://git.kernel.org/stable/c/8844b2f8a3f0c428b74672f9726f9950b1a7764c
- https://git.kernel.org/stable/c/d034810d02a5af8eb74debe29877dcaf5f00fdd1
- https://git.kernel.org/stable/c/f26091a981318b5b7451d61f99bc073a6af8db67
- https://git.kernel.org/stable/c/21ec68234826b1b54ab980a8df6e33c74cfbee58
References
- https://git.kernel.org/stable/c/fe4de493572a4263554903bf9c3afc5c196e15f0
- https://git.kernel.org/stable/c/8844b2f8a3f0c428b74672f9726f9950b1a7764c
- https://git.kernel.org/stable/c/d034810d02a5af8eb74debe29877dcaf5f00fdd1
- https://git.kernel.org/stable/c/f26091a981318b5b7451d61f99bc073a6af8db67
- https://git.kernel.org/stable/c/21ec68234826b1b54ab980a8df6e33c74cfbee58
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.