Lucene search

LinuxVULNRICHMENT:CVE-2024-40971

HistoryJul 12, 2024 - 12:32 p.m.

CVE-2024-40971 f2fs: remove clear SB_INLINECRYPT flag in default_options

2024-07-1212:32:09

Linux

github.com

linux kernel

vulnerability

f2fs

remount

inlinecrypt

data corruption

wrappedkey_v0

AI Score

6.7

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

In the Linux kernel, the following vulnerability has been resolved:

f2fs: remove clear SB_INLINECRYPT flag in default_options

In f2fs_remount, SB_INLINECRYPT flag will be clear and re-set.
If create new file or open file during this gap, these files
will not use inlinecrypt. Worse case, it may lead to data
corruption if wrappedkey_v0 is enable.

Thread A: Thread B:

-f2fs_remount -f2fs_file_open or f2fs_new_inode
-default_options
<- clear SB_INLINECRYPT flag

                                      -fscrypt_select_encryption_impl

-parse_options
<- set SB_INLINECRYPT again

References

git.kernel.org/stable/c/38a82c8d00638bb642bef787eb1d5e0e4d3b7d71

git.kernel.org/stable/c/724429db09e21ee153fef35e34342279d33df6ae

git.kernel.org/stable/c/a9cea0489c562c97cd56bb345e78939f9909e7f4

git.kernel.org/stable/c/ac5eecf481c29942eb9a862e758c0c8b68090c33

git.kernel.org/stable/c/ae39c8ec4250d2a35ddaab1c40faacfec306ff66

git.kernel.org/stable/c/eddeb8d941d5be11a9da5637dbe81ac37e8449a2