THREATINT
PUBLISHED

CVE-2024-56692

f2fs: fix to do sanity check on node blkaddr in truncate_node()



Description

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to do sanity check on node blkaddr in truncate_node()

syzbot reports a f2fs bug as below:

------------[ cut here ]------------
kernel BUG at fs/f2fs/segment.c:2534!
RIP: 0010:f2fs_invalidate_blocks+0x35f/0x370 fs/f2fs/segment.c:2534
Call Trace:
 truncate_node+0x1ae/0x8c0 fs/f2fs/node.c:909
 f2fs_remove_inode_page+0x5c2/0x870 fs/f2fs/node.c:1288
 f2fs_evict_inode+0x879/0x15c0 fs/f2fs/inode.c:856
 evict+0x4e8/0x9b0 fs/inode.c:723
 f2fs_handle_failed_inode+0x271/0x2e0 fs/f2fs/inode.c:986
 f2fs_create+0x357/0x530 fs/f2fs/namei.c:394
 lookup_open fs/namei.c:3595 [inline]
 open_last_lookups fs/namei.c:3694 [inline]
 path_openat+0x1c03/0x3590 fs/namei.c:3930
 do_filp_open+0x235/0x490 fs/namei.c:3960
 do_sys_openat2+0x13e/0x1d0 fs/open.c:1415
 do_sys_open fs/open.c:1430 [inline]
 __do_sys_openat fs/open.c:1446 [inline]
 __se_sys_openat fs/open.c:1441 [inline]
 __x64_sys_openat+0x247/0x2a0 fs/open.c:1441
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0010:f2fs_invalidate_blocks+0x35f/0x370 fs/f2fs/segment.c:2534

The root cause is: on a fuzzed image, blkaddr in nat entry may be corrupted, then it will cause system panic when using it in f2fs_invalidate_blocks(), to avoid this, let's add sanity check on nat blkaddr in truncate_node().
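The pattern behind the fix, as an added example: a simplified user-space model, not the kernel's code or the actual patch. Every name, the block range, the sentinel and the error code are hypothetical; it shows an unvalidated on-disk address reaching a routine that treats bad input as a fatal invariant violation, next to a caller that checks the address first and fails gracefully.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space model; every name here is hypothetical, not kernel code. */
#define MODEL_NEW_ADDR   UINT32_MAX  /* assumed sentinel: reserved, nothing on disk */
#define MODEL_ECORRUPTED (-1)        /* constructed error code for a corrupted image */

struct fs_model {
    uint32_t main_start, main_end;   /* valid block range is [main_start, main_end) */
    int hit_bug;                     /* set where the kernel would hit BUG() */
    int need_fsck;                   /* assumed flag: corruption detected gracefully */
};

static int blkaddr_valid(const struct fs_model *fs, uint32_t addr)
{
    return addr >= fs->main_start && addr < fs->main_end;
}

/* Stand-in for the invalidation path: trusts its caller, a bad address is fatal. */
static void invalidate_block(struct fs_model *fs, uint32_t addr)
{
    if (addr == MODEL_NEW_ADDR)
        return;                      /* nothing on disk to release */
    if (!blkaddr_valid(fs, addr))
        fs->hit_bug = 1;             /* models the kernel BUG seen in the trace */
}

/* Before: the address read from the NAT entry is used without validation. */
int truncate_node_unchecked(struct fs_model *fs, uint32_t nat_blkaddr)
{
    invalidate_block(fs, nat_blkaddr);
    return 0;
}

/* After: reject a corrupted on-disk address before it reaches invalidation. */
int truncate_node_checked(struct fs_model *fs, uint32_t nat_blkaddr)
{
    if (nat_blkaddr != MODEL_NEW_ADDR && !blkaddr_valid(fs, nat_blkaddr)) {
        fs->need_fsck = 1;
        return MODEL_ECORRUPTED;
    }
    invalidate_block(fs, nat_blkaddr);
    return 0;
}

int main(void)
{
    struct fs_model a = { 4096, 65536, 0, 0 }, b = a;
    uint32_t bad = 0x7fffffff;       /* constructed out-of-range NAT blkaddr */
    truncate_node_unchecked(&a, bad);
    int rc = truncate_node_checked(&b, bad);
    printf("unchecked bug=%d; checked rc=%d bug=%d fsck=%d\n", a.hit_bug, rc, b.hit_bug, b.need_fsck);
    return 0;
}
```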

Reserved 2024-12-27 | Published 2024-12-28 | Updated 2025-01-20 | Assigner Linux

Product status

Default status: unaffected

affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 27d6e7eff07f8cce8e83b162d8f21a07458c860d
affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before c1077078ce4589b5e5387f6b0aaa0d4534b9eb57
affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 0a5c8b3fbf6200f1c66062d307c9a52084917788
affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 6babe00ccd34fc65b78ef8b99754e32b4385f23d

Default status: affected

unaffected: 6.6.64
unaffected: 6.11.11
unaffected: 6.12.2
unaffected: 6.13

References

git.kernel.org/...c/27d6e7eff07f8cce8e83b162d8f21a07458c860d

git.kernel.org/...c/c1077078ce4589b5e5387f6b0aaa0d4534b9eb57

git.kernel.org/...c/0a5c8b3fbf6200f1c66062d307c9a52084917788

git.kernel.org/...c/6babe00ccd34fc65b78ef8b99754e32b4385f23d

cve.org (CVE-2024-56692)

nvd.nist.gov (CVE-2024-56692)
