6.3

CVE-2024-27032

f2fs: fix to avoid potential panic during recovery

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to avoid potential panic during recovery

During recovery, if FAULT_BLOCK is on, it is possible that
f2fs_reserve_new_block() will return -ENOSPC during recovery,
then it may trigger panic.

Also, if fault injection rate is 1 and only FAULT_BLOCK fault
type is on, it may encounter deadloop in loop of block reservation.

Let's change as below to fix these issues:
- remove bug_on() to avoid panic.
- limit the loop count of block reservation to avoid potential
deadloop.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.19.307 < 4.20
LinuxLinux Kernel Version >= 5.4.269 < 5.5
LinuxLinux Kernel Version >= 5.10.210 < 5.11
LinuxLinux Kernel Version >= 5.15.149 < 5.16
LinuxLinux Kernel Version >= 6.1.77 < 6.1.83
LinuxLinux Kernel Version >= 6.6.16 < 6.6.23
LinuxLinux Kernel Version >= 6.7.4 < 6.7.11
LinuxLinux Kernel Version >= 6.8 < 6.8.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.29% 0.205
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.3 1 5.2
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

https://git.kernel.org/stable/c/21ec68234826b1b54ab980a8df6e33c74cfbee58
Patch
https://git.kernel.org/stable/c/8844b2f8a3f0c428b74672f9726f9950b1a7764c
Patch
https://git.kernel.org/stable/c/d034810d02a5af8eb74debe29877dcaf5f00fdd1
Patch
https://git.kernel.org/stable/c/f26091a981318b5b7451d61f99bc073a6af8db67
Patch
https://git.kernel.org/stable/c/fe4de493572a4263554903bf9c3afc5c196e15f0
Patch