| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025022644-CVE-2022-49364-29dc@gregkh> Date: Wed, 26 Feb 2025 03:10:38 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2022-49364: f2fs: fix to clear dirty inode in f2fs_evict_inode() Description =========== In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to clear dirty inode in f2fs_evict_inode() As Yanming reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215904 The kernel message is shown below: kernel BUG at fs/f2fs/inode.c:825! Call Trace: evict+0x282/0x4e0 __dentry_kill+0x2b2/0x4d0 shrink_dentry_list+0x17c/0x4f0 shrink_dcache_parent+0x143/0x1e0 do_one_tree+0x9/0x30 shrink_dcache_for_umount+0x51/0x120 generic_shutdown_super+0x5c/0x3a0 kill_block_super+0x90/0xd0 kill_f2fs_super+0x225/0x310 deactivate_locked_super+0x78/0xc0 cleanup_mnt+0x2b7/0x480 task_work_run+0xc8/0x150 exit_to_user_mode_prepare+0x14a/0x150 syscall_exit_to_user_mode+0x1d/0x40 do_syscall_64+0x48/0x90 The root cause is: inode node and dnode node share the same nid, so during f2fs_evict_inode(), dnode node truncation will invalidate its NAT entry, so when truncating inode node, it fails due to invalid NAT entry, result in inode is still marked as dirty, fix this issue by clearing dirty for inode and setting SBI_NEED_FSCK flag in filesystem. output from dump.f2fs: [print_node_info: 354] Node ID [0xf:15] is inode i_nid[0] [0x f : 15] The Linux kernel CVE team has assigned CVE-2022-49364 to this issue. Affected and fixed versions =========================== Fixed in 5.4.198 with commit 54c116615c99e22aa08aa950757ed726e2f60821 Fixed in 5.10.121 with commit ccd58045beb997544b94558a9156be4742628491 Fixed in 5.15.46 with commit c9196d21359be8c7ee231029d13682273925fd00 Fixed in 5.17.14 with commit 03c9373b15fa1c245ec99b2b5e7ba209eae4ef42 Fixed in 5.18.3 with commit c469953917b319d415fd621b9e5d0ea5203565cd Fixed in 5.19 with commit f2db71053dc0409fae785096ad19cce4c8a95af7 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49364 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/f2fs/inode.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/54c116615c99e22aa08aa950757ed726e2f60821 https://git.kernel.org/stable/c/ccd58045beb997544b94558a9156be4742628491 https://git.kernel.org/stable/c/c9196d21359be8c7ee231029d13682273925fd00 https://git.kernel.org/stable/c/03c9373b15fa1c245ec99b2b5e7ba209eae4ef42 https://git.kernel.org/stable/c/c469953917b319d415fd621b9e5d0ea5203565cd https://git.kernel.org/stable/c/f2db71053dc0409fae785096ad19cce4c8a95af7
Powered by blists - more mailing lists