CVE-2024-34027: f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock

Description

In the Linux kernel, the following vulnerability has been resolved:

f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock

It needs to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock
to avoid racing with checkpoint, otherwise, filesystem metadata including
blkaddr in dnode, inode fields and .total_valid_block_count may be
corrupted after SPO case.

Classification

CVE ID: CVE-2024-34027

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 12.41% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://git.kernel.org/stable/c/a6e1f7744e9b84f86a629a76024bba8468aa153b
https://git.kernel.org/stable/c/b5bac43875aa27ec032dbbb86173baae6dce6182
https://git.kernel.org/stable/c/5d47d63883735718825ca2efc4fca6915469774f
https://git.kernel.org/stable/c/329edb7c9e3b6ca27e6ca67ab1cdda1740fb3a2b
https://git.kernel.org/stable/c/69136304fd144144a4828c7b7b149d0f80321ba4
https://git.kernel.org/stable/c/0a4ed2d97cb6d044196cc3e726b6699222b41019

Timeline

2024-12-20 00:36:09 UTC
CVE

f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock