Linux Kernel f2fs Denial-of-Service Vulnerability Due to Free Space Exhaustion

A denial-of-service vulnerability has been identified in the Linux kernel's f2fs file system. The issue arises when f2fs attempts to checkpoint during foreground garbage collection in Log-Structured File System (LFS) mode. If the dirty node and directory entry pages generated by data migration exceed the available free space, the system can crash. This vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability can lead to a system crash, causing a denial-of-service condition.

Reproduction

To reproduce this vulnerability, create a 20 GiB capacity block device using null_blk. Format and mount the device with LFS mode. Then, create a file and write 20,000 MiB of data to it. Finally, perform 4k random writes across the full range of the file. This sequence will generate enough dirty node and dentry pages to exceed the available free space, causing the system to crash.

Remediation

Users can apply the patch available in the Linux kernel stable tree to address this vulnerability.