cve/published/2022/CVE-2022-48877.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2022-48877: f2fs: let's avoid panic if extent_tree is not created

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 f2fs: let's avoid panic if extent_tree is not created

 This patch avoids the below panic.

 pc : __lookup_extent_tree+0xd8/0x760
 lr : f2fs_do_write_data_page+0x104/0x87c
 sp : ffffffc010cbb3c0
 x29: ffffffc010cbb3e0 x28: 0000000000000000
 x27: ffffff8803e7f020 x26: ffffff8803e7ed40
 x25: ffffff8803e7f020 x24: ffffffc010cbb460
 x23: ffffffc010cbb480 x22: 0000000000000000
 x21: 0000000000000000 x20: ffffffff22e90900
 x19: 0000000000000000 x18: ffffffc010c5d080
 x17: 0000000000000000 x16: 0000000000000020
 x15: ffffffdb1acdbb88 x14: ffffff888759e2b0
 x13: 0000000000000000 x12: ffffff802da49000
 x11: 000000000a001200 x10: ffffff8803e7ed40
 x9 : ffffff8023195800 x8 : ffffff802da49078
 x7 : 0000000000000001 x6 : 0000000000000000
 x5 : 0000000000000006 x4 : ffffffc010cbba28
 x3 : 0000000000000000 x2 : ffffffc010cbb480
 x1 : 0000000000000000 x0 : ffffff8803e7ed40
 Call trace:
  __lookup_extent_tree+0xd8/0x760
  f2fs_do_write_data_page+0x104/0x87c
  f2fs_write_single_data_page+0x420/0xb60
  f2fs_write_cache_pages+0x418/0xb1c
  __f2fs_write_data_pages+0x428/0x58c
  f2fs_write_data_pages+0x30/0x40
  do_writepages+0x88/0x190
  __writeback_single_inode+0x48/0x448
  writeback_sb_inodes+0x468/0x9e8
  __writeback_inodes_wb+0xb8/0x2a4
  wb_writeback+0x33c/0x740
  wb_do_writeback+0x2b4/0x400
  wb_workfn+0xe4/0x34c
  process_one_work+0x24c/0x5bc
  worker_thread+0x3e8/0xa50
  kthread+0x150/0x1b4

 The Linux kernel CVE team has assigned CVE-2022-48877 to this issue.


 Affected and fixed versions
 ===========================

 	Fixed in 4.14.304 with commit dd83a9763e29ed7a21c8a43f7a62cd0a6bf74692
 	Fixed in 4.19.271 with commit ff85a1dbd90d29f73033177ff8d8de4a27d9721c
 	Fixed in 5.4.230 with commit 557e85ff9afef6d45020b6f09357111d38033c31
 	Fixed in 5.10.165 with commit 72009139a661ade5cb1da4239734ed02fa1cfff0
 	Fixed in 5.15.90 with commit 2c129e868992621a739bdd57a5bffa3985ef1b91
 	Fixed in 6.1.8 with commit 1c38cdc747f00daf7394535eae5afc4c503c59bb
 	Fixed in 6.2 with commit df9d44b645b83fffccfb4e28c1f93376585fdec8

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2022-48877
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	fs/f2fs/extent_cache.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/dd83a9763e29ed7a21c8a43f7a62cd0a6bf74692
 	https://git.kernel.org/stable/c/ff85a1dbd90d29f73033177ff8d8de4a27d9721c
 	https://git.kernel.org/stable/c/557e85ff9afef6d45020b6f09357111d38033c31
 	https://git.kernel.org/stable/c/72009139a661ade5cb1da4239734ed02fa1cfff0
 	https://git.kernel.org/stable/c/2c129e868992621a739bdd57a5bffa3985ef1b91
 	https://git.kernel.org/stable/c/1c38cdc747f00daf7394535eae5afc4c503c59bb
 	https://git.kernel.org/stable/c/df9d44b645b83fffccfb4e28c1f93376585fdec8
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2022-48877: f2fs: let's avoid panic if extent_tree is not created

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	f2fs: let's avoid panic if extent_tree is not created

	This patch avoids the below panic.

	pc : __lookup_extent_tree+0xd8/0x760
	lr : f2fs_do_write_data_page+0x104/0x87c
	sp : ffffffc010cbb3c0
	x29: ffffffc010cbb3e0 x28: 0000000000000000
	x27: ffffff8803e7f020 x26: ffffff8803e7ed40
	x25: ffffff8803e7f020 x24: ffffffc010cbb460
	x23: ffffffc010cbb480 x22: 0000000000000000
	x21: 0000000000000000 x20: ffffffff22e90900
	x19: 0000000000000000 x18: ffffffc010c5d080
	x17: 0000000000000000 x16: 0000000000000020
	x15: ffffffdb1acdbb88 x14: ffffff888759e2b0
	x13: 0000000000000000 x12: ffffff802da49000
	x11: 000000000a001200 x10: ffffff8803e7ed40
	x9 : ffffff8023195800 x8 : ffffff802da49078
	x7 : 0000000000000001 x6 : 0000000000000000
	x5 : 0000000000000006 x4 : ffffffc010cbba28
	x3 : 0000000000000000 x2 : ffffffc010cbb480
	x1 : 0000000000000000 x0 : ffffff8803e7ed40
	Call trace:
	__lookup_extent_tree+0xd8/0x760
	f2fs_do_write_data_page+0x104/0x87c
	f2fs_write_single_data_page+0x420/0xb60
	f2fs_write_cache_pages+0x418/0xb1c
	__f2fs_write_data_pages+0x428/0x58c
	f2fs_write_data_pages+0x30/0x40
	do_writepages+0x88/0x190
	__writeback_single_inode+0x48/0x448
	writeback_sb_inodes+0x468/0x9e8
	__writeback_inodes_wb+0xb8/0x2a4
	wb_writeback+0x33c/0x740
	wb_do_writeback+0x2b4/0x400
	wb_workfn+0xe4/0x34c
	process_one_work+0x24c/0x5bc
	worker_thread+0x3e8/0xa50
	kthread+0x150/0x1b4

	The Linux kernel CVE team has assigned CVE-2022-48877 to this issue.


	Affected and fixed versions
	===========================

	Fixed in 4.14.304 with commit dd83a9763e29ed7a21c8a43f7a62cd0a6bf74692
	Fixed in 4.19.271 with commit ff85a1dbd90d29f73033177ff8d8de4a27d9721c
	Fixed in 5.4.230 with commit 557e85ff9afef6d45020b6f09357111d38033c31
	Fixed in 5.10.165 with commit 72009139a661ade5cb1da4239734ed02fa1cfff0
	Fixed in 5.15.90 with commit 2c129e868992621a739bdd57a5bffa3985ef1b91
	Fixed in 6.1.8 with commit 1c38cdc747f00daf7394535eae5afc4c503c59bb
	Fixed in 6.2 with commit df9d44b645b83fffccfb4e28c1f93376585fdec8

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2022-48877
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	fs/f2fs/extent_cache.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/dd83a9763e29ed7a21c8a43f7a62cd0a6bf74692
	https://git.kernel.org/stable/c/ff85a1dbd90d29f73033177ff8d8de4a27d9721c
	https://git.kernel.org/stable/c/557e85ff9afef6d45020b6f09357111d38033c31
	https://git.kernel.org/stable/c/72009139a661ade5cb1da4239734ed02fa1cfff0
	https://git.kernel.org/stable/c/2c129e868992621a739bdd57a5bffa3985ef1b91
	https://git.kernel.org/stable/c/1c38cdc747f00daf7394535eae5afc4c503c59bb
	https://git.kernel.org/stable/c/df9d44b645b83fffccfb4e28c1f93376585fdec8