Linux Kernel F2FS Filesystem Foreground Garbage Collection Denial-of-Service Vulnerability

A denial-of-service vulnerability has been identified in the Linux kernel's F2FS (Flash-Friendly File System) implementation. This issue arises when the filesystem is mounted with the 'mode=lfs' option, leading to a system panic. The panic occurs because F2FS aggressively allocates blocks without triggering necessary garbage collection, especially when multiple threads write data in parallel. This behavior can cause the system to run out of available space, exacerbating the problem.

Impact

Exploitation of this vulnerability leads to a system panic, causing a denial-of-service condition where the system becomes unresponsive or fails to function properly.

Reproduction

To reproduce this vulnerability, mount a F2FS filesystem with the 'mode=lfs' option. Then, initiate a write operation using asynchronous I/O (AIO) or direct I/O (DIO) methods. The combination of aggressive block allocation in 'lfs' mode and parallel writing will trigger the vulnerability, causing the system to panic.

Remediation

Users can avoid this vulnerability by not using the 'mode=lfs' mount option with F2FS filesystems.