跳转到帖子

Amazon Linux AMI 2: CVE-2021-47117: Security patch for kernel (Multiple Advisories)

recommended_posts

发布于
  • Members

Amazon Linux AMI 2: CVE-2021-47117: Security patch for kernel (Multiple Advisories)

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
03/15/2024
Created
08/03/2024
Added
08/02/2024
Modified
08/02/2024

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed We got follow bug_on when run fsstress with injecting IO fault: [130747.323114] kernel BUG at fs/ext4/extents_status.c:762! [130747.323117] Internal error: Oops - BUG: 0 [#1] SMP ...... [130747.334329] Call trace: [130747.334553]ext4_es_cache_extent+0x150/0x168 [ext4] [130747.334975]ext4_cache_extents+0x64/0xe8 [ext4] [130747.335368]ext4_find_extent+0x300/0x330 [ext4] [130747.335759]ext4_ext_map_blocks+0x74/0x1178 [ext4] [130747.336179]ext4_map_blocks+0x2f4/0x5f0 [ext4] [130747.336567]ext4_mpage_readpages+0x4a8/0x7a8 [ext4] [130747.336995]ext4_readpage+0x54/0x100 [ext4] [130747.337359]generic_file_buffered_read+0x410/0xae8 [130747.337767]generic_file_read_iter+0x114/0x190 [130747.338152]ext4_file_read_iter+0x5c/0x140 [ext4] [130747.338556]__vfs_read+0x11c/0x188 [130747.338851]vfs_read+0x94/0x150 [130747.339110]ksys_read+0x74/0xf0 This patch's modification is according to Jan Kara's suggestion in: https://patchwork.ozlabs.org/project/linux-ext4/patch/[email protected]/ "I see. Now I understand your patch. Honestly, seeing how fragile is trying to fix extent tree after split has failed in the middle, I would probably go even further and make sure we fix the tree properly in case of ENOSPC and EDQUOT (those are easily user triggerable).Anything else indicates a HW problem or fs corruption so I'd rather leave the extent tree as is and don't try to fix it (which also means we will not create overlapping extents)."

Solution(s)

  • amazon-linux-ami-2-upgrade-bpftool
  • amazon-linux-ami-2-upgrade-bpftool-debuginfo
  • amazon-linux-ami-2-upgrade-kernel
  • amazon-linux-ami-2-upgrade-kernel-debuginfo
  • amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64
  • amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64
  • amazon-linux-ami-2-upgrade-kernel-devel
  • amazon-linux-ami-2-upgrade-kernel-headers
  • amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-238-182-421
  • amazon-linux-ami-2-upgrade-kernel-tools
  • amazon-linux-ami-2-upgrade-kernel-tools-debuginfo
  • amazon-linux-ami-2-upgrade-kernel-tools-devel
  • amazon-linux-ami-2-upgrade-perf
  • amazon-linux-ami-2-upgrade-perf-debuginfo
  • amazon-linux-ami-2-upgrade-python-perf
  • amazon-linux-ami-2-upgrade-python-perf-debuginfo

References

  • https://attackerkb.com/topics/cve-2021-47117
  • AL2/ALAS-2021-1685
  • AL2/ALASKERNEL-5.10-2022-002
  • AL2/ALASKERNEL-5.4-2022-004
  • CVE - 2021-47117
  • 查看数 716
  • 已创建
  • 最后回复

参与讨论

你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
注意:你的帖子需要版主批准后才能看到。

游客
回帖…