In the Linux kernel, the following vulnerability has been resolved: ext4:
avoid allocating blocks from corrupted group in ext4_mb_try_best_found()
Determine if the group block bitmap is corrupted before using ac_b_ex in
ext4_mb_try_best_found() to avoid allocating blocks from a group with a
corrupted block bitmap in the following concurrency and making the
situation worse. ext4_mb_regular_allocator ext4_lock_group(sb, group)
ext4_mb_good_group // check if the group bbitmap is corrupted
ext4_mb_complex_scan_group // Scan group gets ac_b_ex but doesn’t use it
ext4_unlock_group(sb, group) ext4_mark_group_bitmap_corrupted(group) // The
block bitmap was corrupted during // the group unlock gap.
ext4_mb_try_best_found ext4_lock_group(ac->ac_sb, group)
ext4_mb_use_best_found mb_mark_used // Allocating blocks in block bitmap
corrupted group
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux | < 5.4.0-186.206 | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < 5.15.0-112.122 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-hwe-5.4 | < 5.4.0-186.206~18.04.1 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-hwe-5.15 | < 5.15.0-113.123~20.04.1 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-kvm | < 5.15.0-1060.65 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-kvm | < 5.4.0-1114.121 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < 5.4.0-1126.136 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < 5.15.0-1063.69 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws-5.4 | < 5.4.0-1126.136~18.04.1 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | < 5.15.0-1063.69~20.04.1 | UNKNOWN |
git.kernel.org/linus/4530b3660d396a646aad91a787b6ab37cf604b53 (6.8-rc3)
git.kernel.org/stable/c/0184747b552d6b5a14db3b7fcc3b792ce64dedd1
git.kernel.org/stable/c/21f8cfe79f776287459343e9cfa6055af61328ea
git.kernel.org/stable/c/260fc96283c0f594de18a1b045faf6d8fb42874d
git.kernel.org/stable/c/4530b3660d396a646aad91a787b6ab37cf604b53
git.kernel.org/stable/c/4c21fa60a6f4606f6214a38f50612b17b2f738f5
git.kernel.org/stable/c/927794a02169778c9c2e7b25c768ab3ea8c1dc03
git.kernel.org/stable/c/a2576ae9a35c078e488f2c573e9e6821d651fbbe
git.kernel.org/stable/c/f97e75fa4e12b0aa0224e83fcbda8853ac2adf36
launchpad.net/bugs/cve/CVE-2024-26773
nvd.nist.gov/vuln/detail/CVE-2024-26773
security-tracker.debian.org/tracker/CVE-2024-26773
ubuntu.com/security/notices/USN-6820-1
ubuntu.com/security/notices/USN-6820-2
ubuntu.com/security/notices/USN-6821-1
ubuntu.com/security/notices/USN-6821-2
ubuntu.com/security/notices/USN-6821-3
ubuntu.com/security/notices/USN-6821-4
ubuntu.com/security/notices/USN-6828-1
ubuntu.com/security/notices/USN-6831-1
ubuntu.com/security/notices/USN-6867-1
ubuntu.com/security/notices/USN-6871-1
ubuntu.com/security/notices/USN-6892-1
ubuntu.com/security/notices/USN-6919-1
www.cve.org/CVERecord?id=CVE-2024-26773