Linux Kernel JFS File Corruption Vulnerability Check

A vulnerability in the Linux kernel's JFS (Journaled File System) has been addressed, which involved a regular file corruption check. The issue arose when a corrupted file with a negative 'i_size' value was created on disk, leading to operational failures. To mitigate this, a check was added to the file opening process to prevent such files from causing issues.

Impact

The vulnerability could lead to file system corruption by allowing files with invalid sizes to be processed, potentially causing application errors or data loss.

Reproduction

The vulnerability can be reproduced by creating a regular file on the JFS file system with a negative 'i_size' value. This can be done using a custom program or script that manipulates file metadata to introduce the corruption. Once the file is created, it can be opened normally, which will trigger the corruption check and result in an error due to the invalid size.

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for updating the kernel can be found in the official Linux documentation or through the package management system of the respective Linux distribution.