CVE-2024-47690

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-47690
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47690.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-47690
Downstream
Related
Published
2024-10-21T12:15:05Z
Modified
2025-08-09T20:01:25Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

f2fs: get rid of online repaire on corrupted directory

syzbot reports a f2fs bug as below:

kernel BUG at fs/f2fs/inode.c:896! RIP: 0010:f2fsevictinode+0x1598/0x15c0 fs/f2fs/inode.c:896 Call Trace: evict+0x532/0x950 fs/inode.c:704 disposelist fs/inode.c:747 [inline] evictinodes+0x5f9/0x690 fs/inode.c:797 genericshutdownsuper+0x9d/0x2d0 fs/super.c:627 killblocksuper+0x44/0x90 fs/super.c:1696 killf2fssuper+0x344/0x690 fs/f2fs/super.c:4898 deactivatelockedsuper+0xc4/0x130 fs/super.c:473 cleanupmnt+0x41f/0x4b0 fs/namespace.c:1373 taskworkrun+0x24f/0x310 kernel/taskwork.c:228 ptracenotify+0x2d2/0x380 kernel/signal.c:2402 ptracereportsyscall include/linux/ptrace.h:415 [inline] ptracereportsyscallexit include/linux/ptrace.h:477 [inline] syscallexitwork+0xc6/0x190 kernel/entry/common.c:173 syscallexittousermodeprepare kernel/entry/common.c:200 [inline] _syscallexittousermodework kernel/entry/common.c:205 [inline] syscallexittousermode+0x279/0x370 kernel/entry/common.c:218 dosyscall64+0x100/0x230 arch/x86/entry/common.c:89 entrySYSCALL64afterhwframe+0x77/0x7f RIP: 0010:f2fsevict_inode+0x1598/0x15c0 fs/f2fs/inode.c:896

Online repaire on corrupted directory in f2fs_lookup() can generate dirty data/meta while racing w/ readonly remount, it may leave dirty inode after filesystem becomes readonly, however, checkpoint() will skips flushing dirty inode in a state of readonly mode, result in above panic.

Let's get rid of online repaire in f2fs_lookup(), and leave the work to fsck.f2fs.

References

Affected packages