In the Linux kernel, the following vulnerability has been resolved:
ext4: always panic when errors=panic is specified
Before commit 014c9caa29d3 (“ext4: make ext4_abort() use
__ext4_error()”), the following series of commands would trigger a
panic:
After commit 014c9caa29d3, remounting a file system using the test
mount option “abort” will no longer trigger a panic. This commit will
restore the behaviour immediately before commit 014c9caa29d3.
(However, note that the Linux kernel’s behavior has not been
consistent; some previous kernel versions, including 5.4 and 4.19
similarly did not panic after using the mount option “abort”.)
This also makes a change to long-standing behaviour; namely, the
following series commands will now cause a panic, when previously it
did not:
However, this makes ext4’s behaviour much more consistent, so this is
a good thing.
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/ext4/super.c"
],
"versions": [
{
"version": "014c9caa29d3",
"lessThan": "64e1eebe2131",
"status": "affected",
"versionType": "git"
},
{
"version": "014c9caa29d3",
"lessThan": "1e9ea8f46370",
"status": "affected",
"versionType": "git"
},
{
"version": "014c9caa29d3",
"lessThan": "ac2f7ca51b09",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/ext4/super.c"
],
"versions": [
{
"version": "5.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.11",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.11.20",
"lessThanOrEqual": "5.11.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.12.3",
"lessThanOrEqual": "5.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.13",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]