Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
- >= 6.4.0-syzkaller-11479-g6cd06ab12d1a, < 6.4.0-syzkaller-11479-g6cd06ab12d1a
A vulnerability in the Linux kernel's F2FS (Flash-Friendly File System) has been addressed. The issue involved improper handling of inodes during the eviction process, particularly when an atomic write operation was aborted. This could lead to a stale dirty inode, causing potential inconsistencies or errors. The vulnerability was reported by syzbot and has been fixed by ensuring that the inode is properly flushed and synchronized before eviction, preventing the accumulation of stale data.
The vulnerability could cause a kernel panic with an invalid opcode error, triggered by a bug in the F2FS inode eviction process. It was reported by the syzbot fuzzing tool, indicating a severe issue that could disrupt system stability.
The vulnerability can be reproduced by mounting an F2FS filesystem with a specific checkpoint version, then performing operations that abort atomic writes. This sequence of actions triggers the improper inode handling, leading to the described kernel bug.
Users can upgrade to the latest stable version of the Linux kernel, where this vulnerability has been fixed. Instructions for downloading the patched version are available on the Linux Kernel Archives.