Linux Kernel ext4 Memory Allocation Vulnerability

A vulnerability in the Linux kernel's ext4 file system has been identified, related to memory allocation and disk space management. The issue arises in the ext4 memory block allocator, where a 'BUG_ON' condition is triggered, indicating a kernel bug. This vulnerability can be reproduced by creating a disk image, formatting it with the ext4 file system, and then using a file system stress test tool. The problem occurs when the size of the allocation request is truncated, leading to a situation where the requested disk space management operations are not properly aligned or validated, potentially causing inconsistencies in how disk space is allocated or managed.

Impact

Exploitation of this vulnerability leads to a kernel panic, causing a denial of service by crashing the system.

Reproduction

The vulnerability can be reproduced by creating a disk image file, formatting it with the ext4 file system using a specific block size and group size, and then mounting the file system. After mounting, a file system stress test can be applied to the mounted directory, which triggers the vulnerability by causing the memory block allocator to encounter an unexpected condition that violates its assumptions about disk space management.