THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE
PUBLISHED

CVE-2024-26871

f2fs: fix NULL pointer dereference in f2fs_submit_page_write()

AssignerLinux
Reserved2024-02-19
Published2024-04-17
Updated2024-07-05

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix NULL pointer dereference in f2fs_submit_page_write() BUG: kernel NULL pointer dereference, address: 0000000000000014 RIP: 0010:f2fs_submit_page_write+0x6cf/0x780 [f2fs] Call Trace: <TASK> ? show_regs+0x6e/0x80 ? __die+0x29/0x70 ? page_fault_oops+0x154/0x4a0 ? prb_read_valid+0x20/0x30 ? __irq_work_queue_local+0x39/0xd0 ? irq_work_queue+0x36/0x70 ? do_user_addr_fault+0x314/0x6c0 ? exc_page_fault+0x7d/0x190 ? asm_exc_page_fault+0x2b/0x30 ? f2fs_submit_page_write+0x6cf/0x780 [f2fs] ? f2fs_submit_page_write+0x736/0x780 [f2fs] do_write_page+0x50/0x170 [f2fs] f2fs_outplace_write_data+0x61/0xb0 [f2fs] f2fs_do_write_data_page+0x3f8/0x660 [f2fs] f2fs_write_single_data_page+0x5bb/0x7a0 [f2fs] f2fs_write_cache_pages+0x3da/0xbe0 [f2fs] ... It is possible that other threads have added this fio to io->bio and submitted the io->bio before entering f2fs_submit_page_write(). At this point io->bio = NULL. If is_end_zone_blkaddr(sbi, fio->new_blkaddr) of this fio is true, then an NULL pointer dereference error occurs at bio_get(io->bio). The original code for determining zone end was after "out:", which would have missed some fio who is zone end. I've moved this code before "skip:" to make sure it's done for each fio.

Product status

Default status
unaffected

e067dc3c6b9c before 8e2ea8b04cb8
affected

e067dc3c6b9c before 4c122a32582b
affected

e067dc3c6b9c before 6d102382a11d
affected

e067dc3c6b9c before c2034ef6192a
affected

Default status
affected

6.5
affected

Any version before 6.5
unaffected

6.6.23
unaffected

6.7.11
unaffected

6.8.2
unaffected

6.9
unaffected

References

https://git.kernel.org/stable/c/8e2ea8b04cb8d976110c4568509e67d6a39b2889

https://git.kernel.org/stable/c/4c122a32582b67bdd44ca8d25f894ee2dc54f566

https://git.kernel.org/stable/c/6d102382a11d5e6035f6c98f6e508a38541f7af3

https://git.kernel.org/stable/c/c2034ef6192a65a986a45c2aa2ed05824fdc0e9f

cve.org CVE-2024-26871

nvd.nist.gov CVE-2024-26871

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-26871
© Copyright 2024 THREATINT. Made in Cyprus with +