Linux Kernel F2FS Filesystem Sanity Check Vulnerability

Vulnerability

A vulnerability in the Linux kernel's F2FS (Flash-Friendly File System) has been addressed. The issue arose because the total valid block count in the superblock was inconsistent with the blocks mapped by the inode, leading to a kernel panic. This vulnerability could be triggered during the truncation of data blocks, where the filesystem failed to properly validate the block count, causing a mismatch that the kernel interpreted as a critical error.
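A user-space C model of the accounting described above, added here as an illustration and not taken from the kernel source or from the fix itself. The struct names, fields and the clamp-and-flag handling are assumptions. It shows a block-release path that validates the filesystem-wide count before subtracting, rather than treating a mismatch as fatal.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* User-space model only: every name here is hypothetical, not kernel code. */
struct fs_model {
    uint32_t total_valid_blocks; /* filesystem-wide count, as loaded from the image */
    bool need_fsck;              /* set once metadata is found to be inconsistent */
};

struct inode_model {
    unsigned long ino;
    uint32_t mapped_blocks;      /* blocks this inode's index claims to map */
};

/*
 * Release `count` blocks while truncating `inode`. Returns true when the
 * counters agreed. On a mismatch it logs, flags the filesystem for fsck and
 * clamps to zero (assumed handling) instead of asserting or letting the
 * unsigned subtraction wrap.
 */
bool release_blocks(struct fs_model *fs, struct inode_model *inode, uint32_t count)
{
    bool consistent = true;
    if (count > inode->mapped_blocks)   /* never release more than the inode maps */
        count = inode->mapped_blocks;

    if (fs->total_valid_blocks < count) {
        fprintf(stderr, "inconsistent total_valid_blocks:%u ino:%lu count:%u\n",
                (unsigned)fs->total_valid_blocks, inode->ino, (unsigned)count);
        fs->need_fsck = true;
        fs->total_valid_blocks = 0;
        consistent = false;
    } else {
        fs->total_valid_blocks -= count;
    }
    inode->mapped_blocks -= count;
    return consistent;
}

int main(void)
{
    /* Constructed sample: the image claims 8 valid blocks, the inode maps 32. */
    struct fs_model fs = { .total_valid_blocks = 8, .need_fsck = false };
    struct inode_model inode = { .ino = 7, .mapped_blocks = 32 };
    bool ok = release_blocks(&fs, &inode, 32);
    printf("consistent=%d need_fsck=%d total=%u\n", ok, fs.need_fsck,
           (unsigned)fs.total_valid_blocks);
    return 0;
}
```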

Impact

Exploitation of this vulnerability could lead to a kernel panic, causing a denial of service by abruptly halting the kernel and potentially disrupting system operations.

Reproduction

The vulnerability can be reproduced by creating a fuzzed image that causes the total valid block count in the F2FS superblock to become inconsistent with the mapped blocks indexed by the inode. This can be done by manipulating the filesystem's block allocation and truncation processes, which may involve using specific tools or scripts designed to fuzz filesystem images.

Added: Jul 3, 2025, 9:35 AM
Updated: Jul 3, 2025, 9:35 AM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.2
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.