CVE-2025-21654
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-21654
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21654.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-21654
- Related
- Published
- 2025-01-19T11:15:11Z
- Modified
- 2025-01-25T23:46:25.370171Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ovl: support encoding fid from inode with no alias
Dmitry Safonov reported that a WARNON() assertion can be trigered by userspace when calling inotifyshowfdinfo() for an overlayfs watched inode, whose dentry aliases were discarded with dropcaches.
The WARNON() assertion in inotifyshow_fdinfo() was removed, because it is possible for encoding file handle to fail for other reason, but the impact of failing to encode an overlayfs file handle goes beyond this assertion.
As shown in the LTP test case mentioned in the link below, failure to encode an overlayfs file handle from a non-aliased inode also leads to failure to report an fid with FANDELETESELF fanotify events.
As Dmitry notes in his analyzis of the problem, ovlencodefh() fails if it cannot find an alias for the inode, but this failure can be fixed. ovlencodefh() seldom uses the alias and in the case of non-decodable file handles, as is often the case with fanotify fid info, ovlencodefh() never needs to use the alias to encode a file handle.
Defer finding an alias until it is actually needed so ovlencodefh() will not fail in the common case of FANDELETESELF fanotify events.
- References
Affected packages
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.12.10-1