| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025022637-CVE-2022-49318-732e@gregkh> Date: Wed, 26 Feb 2025 03:09:52 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2022-49318: f2fs: remove WARN_ON in f2fs_is_valid_blkaddr Description =========== In the Linux kernel, the following vulnerability has been resolved: f2fs: remove WARN_ON in f2fs_is_valid_blkaddr Syzbot triggers two WARNs in f2fs_is_valid_blkaddr and __is_bitmap_valid. For example, in f2fs_is_valid_blkaddr, if type is DATA_GENERIC_ENHANCE or DATA_GENERIC_ENHANCE_READ, it invokes WARN_ON if blkaddr is not in the right range. The call trace is as follows: f2fs_get_node_info+0x45f/0x1070 read_node_page+0x577/0x1190 __get_node_page.part.0+0x9e/0x10e0 __get_node_page f2fs_get_node_page+0x109/0x180 do_read_inode f2fs_iget+0x2a5/0x58b0 f2fs_fill_super+0x3b39/0x7ca0 Fix these two WARNs by replacing WARN_ON with dump_stack. The Linux kernel CVE team has assigned CVE-2022-49318 to this issue. Affected and fixed versions =========================== Fixed in 5.4.198 with commit 0a7a1fc7e71eecf2e5053a6c312c9f0dcbb9b8fd Fixed in 5.10.122 with commit 32bea51fe4c6e92c00403739f7547c89219bea88 Fixed in 5.15.47 with commit 99c09b298e47ebbe345a6da9f268b32a6b0f4582 Fixed in 5.17.15 with commit cd6374af36cc548464d8c47a93fdba7303bb82a4 Fixed in 5.18.4 with commit 8c62c5e26345c34d199b4b8c8e69255ba3d0e751 Fixed in 5.19 with commit dc2f78e2d4cc844a1458653d57ce1b54d4a29f21 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49318 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/f2fs/checkpoint.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/0a7a1fc7e71eecf2e5053a6c312c9f0dcbb9b8fd https://git.kernel.org/stable/c/32bea51fe4c6e92c00403739f7547c89219bea88 https://git.kernel.org/stable/c/99c09b298e47ebbe345a6da9f268b32a6b0f4582 https://git.kernel.org/stable/c/cd6374af36cc548464d8c47a93fdba7303bb82a4 https://git.kernel.org/stable/c/8c62c5e26345c34d199b4b8c8e69255ba3d0e751 https://git.kernel.org/stable/c/dc2f78e2d4cc844a1458653d57ce1b54d4a29f21
Powered by blists - more mailing lists