CVE-2024-42273

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-42273
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42273.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-42273
Downstream
Related
Published
2024-08-17T09:15:08Z
Modified
2025-08-09T20:01:27Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

f2fs: assign CURSEGALLDATA_ATGC if blkaddr is valid

mkdir /mnt/test/comp f2fs_io setflags compression /mnt/test/comp dd if=/dev/zero of=/mnt/test/comp/testfile bs=16k count=1 truncate --size 13 /mnt/test/comp/testfile

In the above scenario, we can get a BUGON. kernel BUG at fs/f2fs/segment.c:3589! Call Trace: dowritepage+0x78/0x390 [f2fs] f2fsoutplacewritedata+0x62/0xb0 [f2fs] f2fsdowritedatapage+0x275/0x740 [f2fs] f2fswritesingledatapage+0x1dc/0x8f0 [f2fs] f2fswritemultipages+0x1e5/0xae0 [f2fs] f2fswritecachepages+0xab1/0xc60 [f2fs] f2fswritedatapages+0x2d8/0x330 [f2fs] dowritepages+0xcf/0x270 _writebacksingleinode+0x44/0x350 writebacksbinodes+0x242/0x530 _writebackinodeswb+0x54/0xf0 wbwriteback+0x192/0x310 wbworkfn+0x30d/0x400

The reason is we gave CURSEGALLDATAATGC to COMPRADDR where the page was set the gcing flag by setclusterdirty().

References

Affected packages