// For flags

CVE-2021-47117

ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed

Severity Score

"-"
*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed

We got follow bug_on when run fsstress with injecting IO fault:
[130747.323114] kernel BUG at fs/ext4/extents_status.c:762!
[130747.323117] Internal error: Oops - BUG: 0 [#1] SMP
......
[130747.334329] Call trace:
[130747.334553] ext4_es_cache_extent+0x150/0x168 [ext4]
[130747.334975] ext4_cache_extents+0x64/0xe8 [ext4]
[130747.335368] ext4_find_extent+0x300/0x330 [ext4]
[130747.335759] ext4_ext_map_blocks+0x74/0x1178 [ext4]
[130747.336179] ext4_map_blocks+0x2f4/0x5f0 [ext4]
[130747.336567] ext4_mpage_readpages+0x4a8/0x7a8 [ext4]
[130747.336995] ext4_readpage+0x54/0x100 [ext4]
[130747.337359] generic_file_buffered_read+0x410/0xae8
[130747.337767] generic_file_read_iter+0x114/0x190
[130747.338152] ext4_file_read_iter+0x5c/0x140 [ext4]
[130747.338556] __vfs_read+0x11c/0x188
[130747.338851] vfs_read+0x94/0x150
[130747.339110] ksys_read+0x74/0xf0

This patch's modification is according to Jan Kara's suggestion in:
https://patchwork.ozlabs.org/project/linux-ext4/patch/20210428085158.3728201-1-yebin10@huawei.com/
"I see. Now I understand your patch. Honestly, seeing how fragile is trying
to fix extent tree after split has failed in the middle, I would probably
go even further and make sure we fix the tree properly in case of ENOSPC
and EDQUOT (those are easily user triggerable). Anything else indicates a
HW problem or fs corruption so I'd rather leave the extent tree as is and
don't try to fix it (which also means we will not create overlapping
extents)."

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ext4: corrigió el error en ext4_es_cache_extent ya que ext4_split_extent_at falló. Obtuvimos el seguimiento de bug_on cuando ejecutamos fsstress con la inyección de error de IO: [130747.323114] ERROR del kernel en fs/ext4/extents_status.c:762. [130747.323117] Error interno: Vaya - ERROR: 0 [#1] SMP ...... [130747.334329] Rastreo de llamadas: [130747.334553] ext4_es_cache_extent+0x150/0x168 [ext4] [130747.334975] ext4_cache_extents+0x 64/0xe8 [ext4] [130747.335368] text4_find_extent+0x300/0x330 [ext4] [130747.335759] text4_ext_map_blocks+0x74/0x1178 [ext4] [130747.336179] text4_map_blocks+0x2f4/0x5f0 [ext4] [130747.336567] ext4_mpage_readpages+0x4a8/0x7a8 [ext4] [130747.336995] ext4_readpage+0x54 /0x100 [ext4] [130747.337359] generic_file_buffered_read+0x410/0xae8 [130747.337767] generic_file_read_iter+0x114/0x190 [130747.338152] ext4_file_read_iter+0x5c/0x140 [ext4] [13 0747.338556] __vfs_read+0x11c/0x188 [130747.338851] vfs_read+0x94/0x150 [130747.339110 ] ksys_read+0x74/0xf0 La modificación de este parche se realiza según la sugerencia de Jan Kara en: https://patchwork.ozlabs.org/project/linux-ext4/patch/20210428085158.3728201-1-yebin10@huawei.com/ "Ya veo. Ahora Entiendo su parche. Honestamente, viendo lo frágil que es intentar arreglar el árbol de extensión después de que la división falló en el medio, probablemente iría aún más lejos y me aseguraría de arreglar el árbol correctamente en el caso de ENOSPC y EDQUOT (esos son fácilmente activables por el usuario). ). Cualquier otra cosa indica un problema de hardware o corrupción de fs, por lo que prefiero dejar el árbol de extensiones como está y no intentar arreglarlo (lo que también significa que no crearemos extensiones superpuestas)".

*Credits: N/A
CVSS Scores
Attack Vector
-
Attack Complexity
-
Privileges Required
-
User Interaction
-
Scope
-
Confidentiality
-
Integrity
-
Availability
-
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-03-04 CVE Reserved
  • 2024-03-15 CVE Published
  • 2024-03-16 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 < 4.4.272
Search vendor "Linux" for product "Linux Kernel" and version " < 4.4.272"
en
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 < 4.9.272
Search vendor "Linux" for product "Linux Kernel" and version " < 4.9.272"
en
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 < 4.14.236
Search vendor "Linux" for product "Linux Kernel" and version " < 4.14.236"
en
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 < 4.19.194
Search vendor "Linux" for product "Linux Kernel" and version " < 4.19.194"
en
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 < 5.4.125
Search vendor "Linux" for product "Linux Kernel" and version " < 5.4.125"
en
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 < 5.10.43
Search vendor "Linux" for product "Linux Kernel" and version " < 5.10.43"
en
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 < 5.12.10
Search vendor "Linux" for product "Linux Kernel" and version " < 5.12.10"
en
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 < 5.13
Search vendor "Linux" for product "Linux Kernel" and version " < 5.13"
en
Affected