7

CVE-2024-34027

f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock

In the Linux kernel, the following vulnerability has been resolved:

f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock

It needs to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock
to avoid racing with checkpoint, otherwise, filesystem metadata including
blkaddr in dnode, inode fields and .total_valid_block_count may be
corrupted after SPO case.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.8 < 5.10.219
LinuxLinux Kernel Version >= 5.11 < 5.15.161
LinuxLinux Kernel Version >= 5.16 < 6.1.93
LinuxLinux Kernel Version >= 6.2 < 6.6.33
LinuxLinux Kernel Version >= 6.7 < 6.9.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.133
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 7 1 5.9
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

https://git.kernel.org/stable/c/0a4ed2d97cb6d044196cc3e726b6699222b41019
Patch
https://git.kernel.org/stable/c/329edb7c9e3b6ca27e6ca67ab1cdda1740fb3a2b
Patch
https://git.kernel.org/stable/c/5d47d63883735718825ca2efc4fca6915469774f
Patch
https://git.kernel.org/stable/c/69136304fd144144a4828c7b7b149d0f80321ba4
Patch
https://git.kernel.org/stable/c/a6e1f7744e9b84f86a629a76024bba8468aa153b
Patch
https://git.kernel.org/stable/c/b5bac43875aa27ec032dbbb86173baae6dce6182
Patch
https://cert-portal.siemens.com/productcert/html/ssa-265688.html