5.5

CVE-2021-47433

btrfs: fix abort logic in btrfs_replace_file_extents

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix abort logic in btrfs_replace_file_extents

Error injection testing uncovered a case where we'd end up with a
corrupt file system with a missing extent in the middle of a file.  This
occurs because the if statement to decide if we should abort is wrong.

The only way we would abort in this case is if we got a ret !=
-EOPNOTSUPP and we called from the file clone code.  However the
prealloc code uses this path too.  Instead we need to abort if there is
an error, and the only error we _don't_ abort on is -EOPNOTSUPP and only
if we came from the clone file code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.10.75
LinuxLinux Kernel Version >= 5.11 < 5.14.14
LinuxLinux Kernel Version5.15 Updaterc1
LinuxLinux Kernel Version5.15 Updaterc2
LinuxLinux Kernel Version5.15 Updaterc3
LinuxLinux Kernel Version5.15 Updaterc4
LinuxLinux Kernel Version5.15 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.165
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/0e309e1152fc34ef75991d9d69b165dbf75bf26c
Patch
https://git.kernel.org/stable/c/0e32a2b85c7d92ece86c17dfef390c5ed79c6378
Patch
https://git.kernel.org/stable/c/4afb912f439c4bc4e6a4f3e7547f2e69e354108f
Patch