Linux Kernel F2FS Filesystem Null Pointer Dereference Vulnerability

Vulnerability

A null pointer dereference vulnerability has been identified in the Linux kernel's F2FS (Flash-Friendly File System) implementation. The issue arises when handling atomic writes: the kernel fails to find a valid F2FS filesystem and reports out-of-range node ID errors. The root cause is that a copy-on-write inode marked as atomic is not properly initialized, so a subsequent read operation dereferences a null address. The flaw was introduced by an earlier commit that altered atomic write handling, and the dereference is reached during the filesystem's garbage collection process.

Impact

Exploitation of this vulnerability leads to a null pointer dereference, causing a kernel crash.

Reproduction

The vulnerability can be reproduced by performing atomic write operations on an F2FS filesystem that has been set up with a loopback device. The F2FS filesystem should be in a state that triggers the garbage collection process, during which the null pointer dereference will occur.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Consult the Linux kernel changelog for specific details on the patched version.
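The advisory leaves it to the reader to decide whether a host is exposed at all. The following POSIX shell script is an added exposure check, not part of this advisory or of the kernel project: it reports whether F2FS is mounted or merely available on the running kernel and prints the kernel version for comparison with the changelog. Because the page does not name the fixed release, the script deliberately makes no version comparison; the sample mount table at the end is constructed for illustration and does not come from a real host.

```shell
#!/bin/sh
# Exposure check added alongside this advisory (not the advisory's own code).
# Answers: does this host use F2FS, and which kernel is it running?
# The fixed kernel release is not stated on the page, so no version
# comparison is attempted; compare `uname -r` with the changelog by hand.

# f2fs_mounts FILE: print every F2FS mount listed in FILE (default
# /proc/self/mounts; fields: source mountpoint fstype options dump pass).
# Exit status 0 if at least one F2FS mount was found, 1 otherwise.
f2fs_mounts() {
    awk '$3 == "f2fs" { print $2 " on " $1; found = 1 }
         END { exit found ? 0 : 1 }' "${1:-/proc/self/mounts}"
}

# f2fs_supported FILE: exit 0 if the kernel has registered the f2fs
# filesystem type in FILE (default /proc/filesystems), meaning the driver is
# loaded or built in and the affected code is reachable once something is mounted.
f2fs_supported() {
    grep -q '[[:space:]]f2fs$' "${1:-/proc/filesystems}"
}

# exposure_level MOUNTS_FILE FS_FILE: print one word summarising exposure:
#   mounted   - F2FS filesystems are mounted (atomic writes and GC can run on them)
#   available - f2fs driver registered but nothing mounted
#   none      - no F2FS support registered
exposure_level() {
    if f2fs_mounts "$1" >/dev/null 2>&1; then
        echo mounted
    elif f2fs_supported "$2" 2>/dev/null; then
        echo available
    else
        echo none
    fi
}

# Live report for the current host.
echo "kernel: $(uname -r)"
echo "F2FS exposure: $(exposure_level /proc/self/mounts /proc/filesystems)"
f2fs_mounts /proc/self/mounts 2>/dev/null

# Constructed sample mount table (not from a real host) showing the 'mounted'
# result for a loopback-backed F2FS volume like the one in the reproduction notes.
sample=$(mktemp)
printf '/dev/loop0 /mnt/f2fs f2fs rw,relatime 0 0\nproc /proc proc rw 0 0\n' > "$sample"
echo "sample exposure: $(exposure_level "$sample" /dev/null)"
rm -f "$sample"
```

Run it as an unprivileged user; reading /proc/self/mounts and /proc/filesystems needs no root. A result of `mounted` on a kernel older than the patched release is the case the advisory describes, `available` means the driver is present but idle, and `none` means the affected code cannot be reached on that host.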

Added: Jun 18, 2025, 8:20 PM
Updated: Jun 18, 2025, 8:20 PM

Vulnerability Rating (Custom Algorithm)

spread          9.0
impact          2.5
exploitability  4.3
remediation     7.7
relevance       0.2
threat          4.8
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.