Linux Kernel Nilfs2 Filesystem Invalid File Type Sanity Check Vulnerability

A vulnerability in the Linux kernel's nilfs2 filesystem has been addressed by adding a sanity check to prevent inodes with invalid file types from causing issues within the virtual filesystem (VFS). Previously, such inodes could lead to malfunctions or assertion failures. The vulnerability arose because the VFS did not properly handle inodes with invalid file types, allowing them to pass through unchecked. The issue has been resolved by implementing a missing sanity check when reading inodes from a block device. Inodes with invalid file types are now treated as a filesystem error.

Impact

The vulnerability could lead to assertion failures or other malfunctions in the virtual filesystem, caused by improper handling of inodes with invalid file types.

Reproduction

The vulnerability can be reproduced by creating or manipulating inodes within the nilfs2 filesystem that have invalid file type bits. This can be done by directly writing to the filesystem in a way that introduces inodes with incorrect type information, such as through a corrupted file or by using a tool that improperly manages inode metadata. Once these invalid inodes are present, the lack of a sanity check allows them to pass through the VFS, potentially causing assertion failures or other errors.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched kernel can be found on the official Linux kernel website.