CVE-2024-27034

Summary

In the Linux kernel, the following vulnerability has been resolved:

f2fs: compress: fix to cover normal cluster write with cp_rwsem

When we overwrite compressed cluster w/ normal cluster, we should not unlock cp_rwsem during f2fs_write_raw_pages(), otherwise data will be corrupted if partial blocks were persisted before CP & SPOR, due to cluster metadata wasn't updated atomically.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4c8ff7095bef64fc47e996a938f7d57f9e077da3 < 7d420eaaa18ec8e2bb4eeab8c65c00492ef6f416affected
LinuxLinux4c8ff7095bef64fc47e996a938f7d57f9e077da3 < 542c8b3c774a480bfd0804291a12f6f2391b0cd1affected
LinuxLinux4c8ff7095bef64fc47e996a938f7d57f9e077da3 < 75abfd61392b1db391bde6d738a30d685b843286affected
LinuxLinux4c8ff7095bef64fc47e996a938f7d57f9e077da3 < 2b1b14d9fc94b8feae20808684c8af28ec80f45baffected
LinuxLinux4c8ff7095bef64fc47e996a938f7d57f9e077da3 < 52982edfcefd475cc34af663d5c47c0cddaa5739affected
LinuxLinux4c8ff7095bef64fc47e996a938f7d57f9e077da3 < fd244524c2cf07b5f4c3fe8abd6a99225c76544baffected
LinuxLinux5.6affected
LinuxLinux0 < 5.6unaffected
LinuxLinux5.15.153 <= 5.15.*unaffected
LinuxLinux6.1.83 <= 6.1.*unaffected
LinuxLinux6.6.23 <= 6.6.*unaffected
LinuxLinux6.7.11 <= 6.7.*unaffected
LinuxLinux6.8.2 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References