{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-33847", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-24T13:54:11.027Z", "datePublished": "2024-06-24T13:56:48.723Z", "dateUpdated": "2024-11-05T09:22:12.216Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:22:12.216Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: compress: don't allow unaligned truncation on released compress inode\n\nf2fs image may be corrupted after below testcase:\n- mkfs.f2fs -O extra_attr,compression -f /dev/vdb\n- mount /dev/vdb /mnt/f2fs\n- touch /mnt/f2fs/file\n- f2fs_io setflags compression /mnt/f2fs/file\n- dd if=/dev/zero of=/mnt/f2fs/file bs=4k count=4\n- f2fs_io release_cblocks /mnt/f2fs/file\n- truncate -s 8192 /mnt/f2fs/file\n- umount /mnt/f2fs\n- fsck.f2fs /dev/vdb\n\n[ASSERT] (fsck_chk_inode_blk:1256) --> ino: 0x5 has i_blocks: 0x00000002, but has 0x3 blocks\n[FSCK] valid_block_count matching with CP [Fail] [0x4, 0x5]\n[FSCK] other corrupted bugs [Fail]\n\nThe reason is: partial truncation assume compressed inode has reserved\nblocks, after partial truncation, valid block count may change w/o\n.i_blocks and .total_valid_block_count update, result in corruption.\n\nThis patch only allow cluster size aligned truncation on released\ncompress inode for fixing."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/f2fs/file.c"], "versions": [{"version": "8e1651cd667c", "lessThan": "b8962cf98595", "status": "affected", "versionType": "git"}, {"version": "c61404153eb6", "lessThan": "8acae0472150", "status": "affected", "versionType": "git"}, {"version": "c61404153eb6", "lessThan": "3ccf5210dc94", "status": "affected", "versionType": "git"}, {"version": "c61404153eb6", "lessThan": "9f9341064a9b", "status": "affected", "versionType": "git"}, {"version": "c61404153eb6", "lessThan": "5268241b41b1", "status": "affected", "versionType": "git"}, {"version": "c61404153eb6", "lessThan": "29ed2b5dd521", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/f2fs/file.c"], "versions": [{"version": "5.14", "status": "affected"}, {"version": "0", "lessThan": "5.14", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.161", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.93", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.33", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.4", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/b8962cf98595d1ec62f40f23667de830567ec8bc"}, {"url": "https://git.kernel.org/stable/c/8acae047215024d1ac499b3c8337ef1b952f160b"}, {"url": "https://git.kernel.org/stable/c/3ccf5210dc941a7aa0180596ac021568be4d35ec"}, {"url": "https://git.kernel.org/stable/c/9f9341064a9b5246a32a7fe56b9f80c6f7f3c62d"}, {"url": "https://git.kernel.org/stable/c/5268241b41b1c5d0acca75e9b97d4fd719251c8c"}, {"url": "https://git.kernel.org/stable/c/29ed2b5dd521ce7c5d8466cd70bf0cc9d07afeee"}], "title": "f2fs: compress: don't allow unaligned truncation on released compress inode", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-25T13:51:44.928910Z", "id": "CVE-2024-33847", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-25T13:51:56.043Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T02:42:58.909Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b8962cf98595d1ec62f40f23667de830567ec8bc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8acae047215024d1ac499b3c8337ef1b952f160b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3ccf5210dc941a7aa0180596ac021568be4d35ec", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9f9341064a9b5246a32a7fe56b9f80c6f7f3c62d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5268241b41b1c5d0acca75e9b97d4fd719251c8c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/29ed2b5dd521ce7c5d8466cd70bf0cc9d07afeee", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b8962cf98595d1ec62f40f23667de830567ec8bc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8acae047215024d1ac499b3c8337ef1b952f160b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3ccf5210dc941a7aa0180596ac021568be4d35ec", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9f9341064a9b5246a32a7fe56b9f80c6f7f3c62d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5268241b41b1c5d0acca75e9b97d4fd719251c8c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/29ed2b5dd521ce7c5d8466cd70bf0cc9d07afeee", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T02:42:58.909Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-33847", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-25T13:51:44.928910Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-25T13:51:52.816Z"}}], "cna": {"title": "f2fs: compress: don't allow unaligned truncation on released compress inode", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "8e1651cd667c", "lessThan": "b8962cf98595", "versionType": "git"}, {"status": "affected", "version": "c61404153eb6", "lessThan": "8acae0472150", "versionType": "git"}, {"status": "affected", "version": "c61404153eb6", "lessThan": "3ccf5210dc94", "versionType": "git"}, {"status": "affected", "version": "c61404153eb6", "lessThan": "9f9341064a9b", "versionType": "git"}, {"status": "affected", "version": "c61404153eb6", "lessThan": "5268241b41b1", "versionType": "git"}, {"status": "affected", "version": "c61404153eb6", "lessThan": "29ed2b5dd521", "versionType": "git"}], "programFiles": ["fs/f2fs/file.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.14"}, {"status": "unaffected", "version": "0", "lessThan": "5.14", "versionType": "semver"}, {"status": "unaffected", "version": "5.15.161", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.93", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.33", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.4", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["fs/f2fs/file.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/b8962cf98595d1ec62f40f23667de830567ec8bc"}, {"url": "https://git.kernel.org/stable/c/8acae047215024d1ac499b3c8337ef1b952f160b"}, {"url": "https://git.kernel.org/stable/c/3ccf5210dc941a7aa0180596ac021568be4d35ec"}, {"url": "https://git.kernel.org/stable/c/9f9341064a9b5246a32a7fe56b9f80c6f7f3c62d"}, {"url": "https://git.kernel.org/stable/c/5268241b41b1c5d0acca75e9b97d4fd719251c8c"}, {"url": "https://git.kernel.org/stable/c/29ed2b5dd521ce7c5d8466cd70bf0cc9d07afeee"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: compress: don't allow unaligned truncation on released compress inode\n\nf2fs image may be corrupted after below testcase:\n- mkfs.f2fs -O extra_attr,compression -f /dev/vdb\n- mount /dev/vdb /mnt/f2fs\n- touch /mnt/f2fs/file\n- f2fs_io setflags compression /mnt/f2fs/file\n- dd if=/dev/zero of=/mnt/f2fs/file bs=4k count=4\n- f2fs_io release_cblocks /mnt/f2fs/file\n- truncate -s 8192 /mnt/f2fs/file\n- umount /mnt/f2fs\n- fsck.f2fs /dev/vdb\n\n[ASSERT] (fsck_chk_inode_blk:1256) --> ino: 0x5 has i_blocks: 0x00000002, but has 0x3 blocks\n[FSCK] valid_block_count matching with CP [Fail] [0x4, 0x5]\n[FSCK] other corrupted bugs [Fail]\n\nThe reason is: partial truncation assume compressed inode has reserved\nblocks, after partial truncation, valid block count may change w/o\n.i_blocks and .total_valid_block_count update, result in corruption.\n\nThis patch only allow cluster size aligned truncation on released\ncompress inode for fixing."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:22:12.216Z"}}}, "cveMetadata": {"cveId": "CVE-2024-33847", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:22:12.216Z", "dateReserved": "2024-06-24T13:54:11.027Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-06-24T13:56:48.723Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: compress: don't allow unaligned truncation on released compress inode\n\nf2fs image may be corrupted after below testcase:\n- mkfs.f2fs -O extra_attr,compression -f /dev/vdb\n- mount /dev/vdb /mnt/f2fs\n- touch /mnt/f2fs/file\n- f2fs_io setflags compression /mnt/f2fs/file\n- dd if=/dev/zero of=/mnt/f2fs/file bs=4k count=4\n- f2fs_io release_cblocks /mnt/f2fs/file\n- truncate -s 8192 /mnt/f2fs/file\n- umount /mnt/f2fs\n- fsck.f2fs /dev/vdb\n\n[ASSERT] (fsck_chk_inode_blk:1256) --> ino: 0x5 has i_blocks: 0x00000002, but has 0x3 blocks\n[FSCK] valid_block_count matching with CP [Fail] [0x4, 0x5]\n[FSCK] other corrupted bugs [Fail]\n\nThe reason is: partial truncation assume compressed inode has reserved\nblocks, after partial truncation, valid block count may change w/o\n.i_blocks and .total_valid_block_count update, result in corruption.\n\nThis patch only allow cluster size aligned truncation on released\ncompress inode for fixing."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: f2fs: comprimir: no permitir el truncamiento no alineado en el inodo comprimido liberado. La imagen f2fs puede estar da\u00f1ada despu\u00e9s del siguiente caso de prueba: - mkfs.f2fs -O extra_attr,compression -f /dev/vdb - montar /dev/vdb /mnt/f2fs - tocar /mnt/f2fs/file - f2fs_io setflags compresi\u00f3n /mnt/f2fs/file - dd if=/dev/zero of=/mnt/f2fs/file bs=4k count=4 - f2fs_io release_cblocks /mnt/f2fs/file - truncate -s 8192 /mnt/f2fs/file - umount /mnt/f2fs - fsck.f2fs /dev/vdb [ASSERT] (fsck_chk_inode_blk:1256) --> ino: 0x5 tiene i_blocks : 0x00000002, pero tiene bloques 0x3 [FSCK] valid_block_count que coincide con CP [Falla] [0x4, 0x5] [FSCK] otros errores corruptos [Falla] La raz\u00f3n es: truncamiento parcial se supone que el inodo comprimido tiene bloques reservados, despu\u00e9s del truncamiento parcial, bloque v\u00e1lido El recuento puede cambiar sin la actualizaci\u00f3n de .i_blocks y .total_valid_block_count, lo que provoca corrupci\u00f3n. Este parche solo permite el truncamiento alineado con el tama\u00f1o del cl\u00faster en el inodo comprimido liberado para su reparaci\u00f3n."}], "id": "CVE-2024-33847", "lastModified": "2024-06-24T19:26:47.037", "metrics": {}, "published": "2024-06-24T14:15:11.803", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/29ed2b5dd521ce7c5d8466cd70bf0cc9d07afeee"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3ccf5210dc941a7aa0180596ac021568be4d35ec"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5268241b41b1c5d0acca75e9b97d4fd719251c8c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8acae047215024d1ac499b3c8337ef1b952f160b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9f9341064a9b5246a32a7fe56b9f80c6f7f3c62d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b8962cf98595d1ec62f40f23667de830567ec8bc"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: f2fs: compress: don't allow unaligned truncation on released compress inode", "id": "2294217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294217"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "status": "draft"}, "cwe": "CWE-841", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nf2fs: compress: don't allow unaligned truncation on released compress inode\nf2fs image may be corrupted after below testcase:\n- mkfs.f2fs -O extra_attr,compression -f /dev/vdb\n- mount /dev/vdb /mnt/f2fs\n- touch /mnt/f2fs/file\n- f2fs_io setflags compression /mnt/f2fs/file\n- dd if=/dev/zero of=/mnt/f2fs/file bs=4k count=4\n- f2fs_io release_cblocks /mnt/f2fs/file\n- truncate -s 8192 /mnt/f2fs/file\n- umount /mnt/f2fs\n- fsck.f2fs /dev/vdb\n[ASSERT] (fsck_chk_inode_blk:1256) --> ino: 0x5 has i_blocks: 0x00000002, but has 0x3 blocks\n[FSCK] valid_block_count matching with CP [Fail] [0x4, 0x5]\n[FSCK] other corrupted bugs [Fail]\nThe reason is: partial truncation assume compressed inode has reserved\nblocks, after partial truncation, valid block count may change w/o\n.i_blocks and .total_valid_block_count update, result in corruption.\nThis patch only allow cluster size aligned truncation on released\ncompress inode for fixing."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-33847", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-06-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-33847\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-33847\nhttps://lore.kernel.org/linux-cve-announce/2024062458-CVE-2024-33847-6abc@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate", "upstream_fix": "kernel 5.15.161, kernel 6.1.93, kernel 6.6.33, kernel 6.9.4, kernel 6.10-rc1"}