CVE-2024-33847

Summary

In the Linux kernel, the following vulnerability has been resolved:

f2fs: compress: don't allow unaligned truncation on released compress inode

f2fs image may be corrupted after below testcase:

  • mkfs.f2fs -O extra_attr,compression -f /dev/vdb
  • mount /dev/vdb /mnt/f2fs
  • touch /mnt/f2fs/file
  • f2fs_io setflags compression /mnt/f2fs/file
  • dd if=/dev/zero of=/mnt/f2fs/file bs=4k count=4
  • f2fs_io release_cblocks /mnt/f2fs/file
  • truncate -s 8192 /mnt/f2fs/file
  • umount /mnt/f2fs
  • fsck.f2fs /dev/vdb

[ASSERT] (fsck_chk_inode_blk:1256) –> ino: 0x5 has i_blocks: 0x00000002, but has 0x3 blocks [FSCK] valid_block_count matching with CP [Fail] [0x4, 0x5] [FSCK] other corrupted bugs [Fail]

The reason is: partial truncation assume compressed inode has reserved blocks, after partial truncation, valid block count may change w/o .i_blocks and .total_valid_block_count update, result in corruption.

This patch only allow cluster size aligned truncation on released compress inode for fixing.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux8e1651cd667cd6779db28314844d88b6de8312a3 < b8962cf98595d1ec62f40f23667de830567ec8bcaffected
LinuxLinuxc61404153eb683da9c35aad133131554861ed561 < 8acae047215024d1ac499b3c8337ef1b952f160baffected
LinuxLinuxc61404153eb683da9c35aad133131554861ed561 < 3ccf5210dc941a7aa0180596ac021568be4d35ecaffected
LinuxLinuxc61404153eb683da9c35aad133131554861ed561 < 9f9341064a9b5246a32a7fe56b9f80c6f7f3c62daffected
LinuxLinuxc61404153eb683da9c35aad133131554861ed561 < 5268241b41b1c5d0acca75e9b97d4fd719251c8caffected
LinuxLinuxc61404153eb683da9c35aad133131554861ed561 < 29ed2b5dd521ce7c5d8466cd70bf0cc9d07afeeeaffected
LinuxLinux5.14affected
LinuxLinux0 < 5.14unaffected
LinuxLinux5.15.161 <= 5.15.*unaffected
LinuxLinux6.1.93 <= 6.1.*unaffected
LinuxLinux6.6.33 <= 6.6.*unaffected
LinuxLinux6.9.4 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

Additional References

References