Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
- >= 6.17.0-rc1-syzkaller-00211, < 6.17.0-rc1-syzkaller-00212
A vulnerability in the Linux kernel's f2fs filesystem has been addressed. It stemmed from a lack of proper sanity checks on node footers for non-inode data nodes. The issue could lead to a kernel panic: a non-inode data node is misinterpreted as an inode, the filesystem then detects an inconsistent truncation range, and a bug warning is triggered. The vulnerability arose because non-inode data nodes could carry the same footer information as inodes, leading to incorrect block address calculations. The issue has been resolved by introducing a new node type for non-inode data nodes, allowing the filesystem to properly validate node footers and detect potential corruption.
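The footer check described above, as an added example that is not kernel code and not part of the original advisory. It is a simplified user-space model: the struct, enum and function names are hypothetical, and it assumes an inode block is recognised by its footer having nid equal to ino.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the footer fields that matter here, not the on-disk layout. */
struct node_footer {
    uint32_t nid;   /* id of this node block */
    uint32_t ino;   /* id of the inode that owns it */
};

/* What the caller expects to read; names are hypothetical. */
enum expected_type { EXPECT_ANY, EXPECT_INODE, EXPECT_NON_INODE };

/* Assumption: an inode block is its own owner, so its footer has nid == ino. */
static bool footer_is_inode(const struct node_footer *f)
{
    return f->nid == f->ino;
}

/* Return true only if the footer matches the requested nid and expected type. */
bool footer_sane(const struct node_footer *f, uint32_t want_nid,
                 enum expected_type type)
{
    if (f->nid != want_nid)
        return false;
    if (type == EXPECT_INODE)
        return footer_is_inode(f);
    if (type == EXPECT_NON_INODE)
        return !footer_is_inode(f);
    return true;                    /* EXPECT_ANY: no type check at all */
}

int main(void)
{
    /* Constructed sample: nid 5 is referenced as a data node of inode 4,
     * but the block read back carries an inode-style footer (nid == ino). */
    struct node_footer crafted = { .nid = 5, .ino = 5 };
    struct node_footer healthy = { .nid = 5, .ino = 4 };

    printf("crafted, no type check:    %d\n", footer_sane(&crafted, 5, EXPECT_ANY));
    printf("crafted, expect non-inode: %d\n", footer_sane(&crafted, 5, EXPECT_NON_INODE));
    printf("healthy, expect non-inode: %d\n", footer_sane(&healthy, 5, EXPECT_NON_INODE));
    return 0;
}
```

Without a type expectation the inconsistent footer passes; with the non-inode expectation it is rejected before any block address is derived from it.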
Exploitation of this vulnerability could cause a kernel panic, disrupting system operations by forcing the kernel to halt processing and display an error message indicating a serious problem, such as an invalid opcode or a detected bug.
The vulnerability can be reproduced by creating an f2fs filesystem on a device, writing data to a file, and then injecting a crafted node that exploits the lack of footer validation for non-inode data nodes. After the node is injected, the f2fs filesystem will panic, indicating that it has encountered an inconsistency that could lead to data corruption.
Users can update to the latest version of the Linux kernel where this vulnerability has been fixed.