跳转到帖子

Ubuntu: (CVE-2021-47117): linux vulnerability

recommended_posts

发布于
  • Members

Ubuntu: (CVE-2021-47117): linux vulnerability

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
03/15/2024
Created
11/21/2024
Added
11/19/2024
Modified
02/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed We got follow bug_on when run fsstress with injecting IO fault: [130747.323114] kernel BUG at fs/ext4/extents_status.c:762! [130747.323117] Internal error: Oops - BUG: 0 [#1] SMP ...... [130747.334329] Call trace: [130747.334553]ext4_es_cache_extent+0x150/0x168 [ext4] [130747.334975]ext4_cache_extents+0x64/0xe8 [ext4] [130747.335368]ext4_find_extent+0x300/0x330 [ext4] [130747.335759]ext4_ext_map_blocks+0x74/0x1178 [ext4] [130747.336179]ext4_map_blocks+0x2f4/0x5f0 [ext4] [130747.336567]ext4_mpage_readpages+0x4a8/0x7a8 [ext4] [130747.336995]ext4_readpage+0x54/0x100 [ext4] [130747.337359]generic_file_buffered_read+0x410/0xae8 [130747.337767]generic_file_read_iter+0x114/0x190 [130747.338152]ext4_file_read_iter+0x5c/0x140 [ext4] [130747.338556]__vfs_read+0x11c/0x188 [130747.338851]vfs_read+0x94/0x150 [130747.339110]ksys_read+0x74/0xf0 This patch's modification is according to Jan Kara's suggestion in: https://patchwork.ozlabs.org/project/linux-ext4/patch/[email protected]/ "I see. Now I understand your patch. Honestly, seeing how fragile is trying to fix extent tree after split has failed in the middle, I would probably go even further and make sure we fix the tree properly in case of ENOSPC and EDQUOT (those are easily user triggerable).Anything else indicates a HW problem or fs corruption so I'd rather leave the extent tree as is and don't try to fix it (which also means we will not create overlapping extents)."

Solution(s)

  • ubuntu-upgrade-linux
  • ubuntu-upgrade-linux-aws
  • ubuntu-upgrade-linux-aws-5-4
  • ubuntu-upgrade-linux-aws-fips
  • ubuntu-upgrade-linux-aws-hwe
  • ubuntu-upgrade-linux-azure
  • ubuntu-upgrade-linux-azure-4-15
  • ubuntu-upgrade-linux-azure-5-4
  • ubuntu-upgrade-linux-azure-fips
  • ubuntu-upgrade-linux-bluefield
  • ubuntu-upgrade-linux-fips
  • ubuntu-upgrade-linux-gcp
  • ubuntu-upgrade-linux-gcp-4-15
  • ubuntu-upgrade-linux-gcp-5-4
  • ubuntu-upgrade-linux-gcp-fips
  • ubuntu-upgrade-linux-gkeop
  • ubuntu-upgrade-linux-hwe
  • ubuntu-upgrade-linux-hwe-5-4
  • ubuntu-upgrade-linux-kvm
  • ubuntu-upgrade-linux-oracle
  • ubuntu-upgrade-linux-oracle-5-4
  • ubuntu-upgrade-linux-raspi
  • ubuntu-upgrade-linux-raspi-5-4

References

  • https://attackerkb.com/topics/cve-2021-47117
  • CVE - 2021-47117
  • https://git.kernel.org/linus/082cd4ec240b8734a82a89ffb890216ac98fec68
  • https://git.kernel.org/stable/c/082cd4ec240b8734a82a89ffb890216ac98fec68
  • https://git.kernel.org/stable/c/48105dc98c9ca35af418746277b087cb2bc6df7c
  • https://git.kernel.org/stable/c/569496aa3776eea1ff0d49d0174ac1b7e861e107
  • https://git.kernel.org/stable/c/5b3a9a2be59478b013a430ac57b0f3d65471b071
  • https://git.kernel.org/stable/c/920697b004e49cb026e2e15fe91be065bf0741b7
  • https://git.kernel.org/stable/c/d3b668b96ad3192c0581a248ae2f596cd054792a
  • https://git.kernel.org/stable/c/d8116743ef5432336289256b2f7c117299213eb9
  • https://git.kernel.org/stable/c/e33bafad30d34cfa5e9787cb099cab05e2677fcb
  • https://www.cve.org/CVERecord?id=CVE-2021-47117
View more
  • 查看数 704
  • 已创建
  • 最后回复

参与讨论

你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
注意:你的帖子需要版主批准后才能看到。

游客
回帖…