Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's handling of the HFS+ filesystem can lead to incorrect inode mode interpretations. This issue arises when the 'mode' field, loaded from disk, is corrupted, causing the S_IFMT bits of the inode's i_mode to become invalid. The vulnerability affects the Linux kernel's stable releases.
The vulnerability can cause the filesystem to misinterpret file types, potentially leading to incorrect handling of files and directories.
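The validity condition described above, as an added example that is not kernel code and not the upstream fix: a user-space C check that tells whether the file-type bits of a 16-bit mode value match one of the defined file types. The helper names and the sample values are constructed for illustration; the octal constants are the standard Linux S_IFMT encodings.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* S_IFMT mask and file-type encodings, written out with the Linux octal values. */
enum { T_IFMT = 0170000, T_IFSOCK = 0140000, T_IFLNK = 0120000,
       T_IFREG = 0100000, T_IFBLK = 0060000, T_IFDIR = 0040000,
       T_IFCHR = 0020000, T_IFIFO = 0010000 };

/* Hypothetical helper, not a kernel function: name the file type encoded in
 * a 16-bit mode, or return NULL when the type bits match no defined type. */
const char *mode_type_name(uint16_t mode)
{
    switch (mode & T_IFMT) {
    case T_IFREG:  return "regular";
    case T_IFDIR:  return "directory";
    case T_IFLNK:  return "symlink";
    case T_IFCHR:  return "chardev";
    case T_IFBLK:  return "blockdev";
    case T_IFIFO:  return "fifo";
    case T_IFSOCK: return "socket";
    default:       return NULL;   /* invalid S_IFMT bits */
    }
}

/* Count modes whose type bits are invalid and so cannot be trusted as a type. */
size_t count_invalid_modes(const uint16_t *m, size_t n)
{
    size_t bad = 0;
    for (size_t i = 0; i < n; i++)
        bad += (mode_type_name(m[i]) == NULL);
    return bad;
}

/* Constructed sample values, not taken from any real filesystem image. */
static const uint16_t sample_modes[] = {
    0100644, 0040755, 0120777, /* regular file, directory, symlink */
    0000644,                   /* type bits all zero */
    0170644,                   /* type bits all set */
    0050000,                   /* bit pattern assigned to no type */
};

int main(void)
{
    size_t n = sizeof sample_modes / sizeof sample_modes[0];
    printf("%zu of %zu sample modes have invalid type bits\n",
           count_invalid_modes(sample_modes, n), n);
    return 0;
}
```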
The vulnerability can be reproduced by loading an HFS+ filesystem image with corrupted 'mode' field data. This can be done using a tool like 'hfsplus' to create a filesystem image, then manually corrupting the 'mode' field before mounting the image in a Linux environment. Once the image is mounted, the corrupted inode modes can lead to improper file type interpretations, demonstrating the vulnerability.
Users can upgrade to the latest stable version of the Linux kernel, where this vulnerability has been addressed.