CVE-2024-27032: f2fs: fix to avoid potential panic during recovery
Description
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to avoid potential panic during recovery
During recovery, if FAULT_BLOCK is on, it is possible that
f2fs_reserve_new_block() will return -ENOSPC during recovery,
then it may trigger panic.
Also, if fault injection rate is 1 and only FAULT_BLOCK fault
type is on, it may encounter deadloop in loop of block reservation.
Let's change as below to fix these issues:
- remove bug_on() to avoid panic.
- limit the loop count of block reservation to avoid potential
deadloop.
Classification
CVE ID: CVE-2024-27032
Affected Products
Vendor: Linux
Product: Linux
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 17.83% (scored less or equal to compared to others)
EPSS Date: 2025-02-04 (when was this score calculated)
References
https://git.kernel.org/stable/c/fe4de493572a4263554903bf9c3afc5c196e15f0https://git.kernel.org/stable/c/8844b2f8a3f0c428b74672f9726f9950b1a7764c
https://git.kernel.org/stable/c/d034810d02a5af8eb74debe29877dcaf5f00fdd1
https://git.kernel.org/stable/c/f26091a981318b5b7451d61f99bc073a6af8db67
https://git.kernel.org/stable/c/21ec68234826b1b54ab980a8df6e33c74cfbee58