Linux Kernel Ext4 Filesystem Block Bitmap Validation Vulnerability

A vulnerability in the Linux kernel's ext4 filesystem has been addressed. The issue arose because the block bitmap validation process did not properly check for invalid blocks, leading to potential inconsistencies. This vulnerability was discovered by Syzbot while testing a Linux kernel version that is not yet released. The warning indicated that the ext4 filesystem was mounted in a way that could disable certain features, and during the orphan cleanup process on a read-only filesystem, a warning was triggered. The root cause was identified as the block bitmap validation not checking for invalid bits, which could result in the filesystem reporting more available blocks than actually existed. To fix this, a validation check was added to ensure the bitmap correctly represented the block group's status.

Impact

The vulnerability could lead to filesystem corruption by allowing the block allocation process to misinterpret the availability of blocks, potentially causing data to be written to incorrect locations or overwriting existing data.

Reproduction

The vulnerability can be reproduced by mounting an ext4 filesystem with the 'data=journal' option, which disables delayed allocation and other performance features. This can be done using a loopback device. Once the filesystem is mounted, the 'orphan cleanup' process is triggered, which will generate the warning about the block bitmap validation issue.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for upgrading can be found in the official Linux kernel documentation.