Linux Kernel F2FS File System Slab Cache Vulnerability

A vulnerability in the F2FS (Flash-Friendly File System) implementation of the Linux kernel has been addressed. The issue arose from the use of per-superblock slab caches for inline extended attributes, which could lead to cache name conflicts and warnings during slab cache management. This vulnerability was reported by Hong Yun, who observed a capacity change that triggered a warning about a duplicate slab cache name. The problem occurred when two slab caches with the same size were created, causing the slab system to merge them into a single cache structure. As a result, attempts to recreate a cache with the same name would fail, leading to warnings about the existing cache. The vulnerability could be reproduced by mounting and unmounting file systems in a specific sequence, which exposed the cache management issue.

Impact

The vulnerability could cause kernel warnings about slab cache management, indicating potential issues with memory management for the F2FS file system's extended attributes.

Reproduction

The vulnerability can be reproduced by mounting two different block devices with the F2FS file system, unmounting one of them, and then remounting the first one. This sequence of actions can trigger the slab cache conflict that causes the warning.

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for updating the kernel can be found in the official Linux kernel documentation.