CVE-2024-35844
"F2FS File Compression Failure to Reserve Blocks"
Description
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix reserve_cblocks counting error when out of space When a file only needs one direct_node, performing the following operations will cause the file to be unrepairable: unisoc # ./f2fs_io compress test.apk unisoc #df -h | grep dm-48 /dev/block/dm-48 112G 112G 1.2M 100% /data unisoc # ./f2fs_io release_cblocks test.apk 924 unisoc # df -h | grep dm-48 /dev/block/dm-48 112G 112G 4.8M 100% /data unisoc # dd if=/dev/random of=file4 bs=1M count=3 3145728 bytes (3.0 M) copied, 0.025 s, 120 M/s unisoc # df -h | grep dm-48 /dev/block/dm-48 112G 112G 1.8M 100% /data unisoc # ./f2fs_io reserve_cblocks test.apk F2FS_IOC_RESERVE_COMPRESS_BLOCKS failed: No space left on device adb reboot unisoc # df -h | grep dm-48 /dev/block/dm-48 112G 112G 11M 100% /data unisoc # ./f2fs_io reserve_cblocks test.apk 0 This is because the file has only one direct_node. After returning to -ENOSPC, reserved_blocks += ret will not be executed. As a result, the reserved_blocks at this time is still 0, which is not the real number of reserved blocks. Therefore, fsck cannot be set to repair the file. After this patch, the fsck flag will be set to fix this problem. unisoc # df -h | grep dm-48 /dev/block/dm-48 112G 112G 1.8M 100% /data unisoc # ./f2fs_io reserve_cblocks test.apk F2FS_IOC_RESERVE_COMPRESS_BLOCKS failed: No space left on device adb reboot then fsck will be executed unisoc # df -h | grep dm-48 /dev/block/dm-48 112G 112G 11M 100% /data unisoc # ./f2fs_io reserve_cblocks test.apk 924
INFO
Published Date :
May 17, 2024, 3:15 p.m.
Last Modified :
Nov. 21, 2024, 9:21 a.m.
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Remotely Exploitable :
No
Impact Score :
Exploitability Score :
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-35844
.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-35844
vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2024-35844
vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
CVE Modified by af854a3a-2127-422b-91ae-364da2661108
Nov. 21, 2024
Action Type Old Value New Value Added Reference http://www.openwall.com/lists/oss-security/2024/05/30/1 Added Reference http://www.openwall.com/lists/oss-security/2024/05/30/2 Added Reference https://git.kernel.org/stable/c/2f6d721e14b69d6e1251f69fa238b48e8374e25f Added Reference https://git.kernel.org/stable/c/569c198c9e2093fd29cc071856a4e548fda506bc Added Reference https://git.kernel.org/stable/c/889846dfc8ee2cf31148a44bfd2faeb2faadc685 Added Reference https://git.kernel.org/stable/c/f0bf89e84c3afb79d7a3a9e4bc853ad6a3245c0a Added Reference https://git.kernel.org/stable/c/fa3ac8b1a227d9b470b87972494293348b5839ee Added Reference https://git.kernel.org/stable/c/fc0aed88afbf6f606205129a7466eebdf528e3f3 -
CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Nov. 05, 2024
Action Type Old Value New Value Removed Reference kernel.org http://www.openwall.com/lists/oss-security/2024/05/30/2 Removed Reference kernel.org http://www.openwall.com/lists/oss-security/2024/05/30/1 -
CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Jun. 10, 2024
Action Type Old Value New Value Added Reference kernel.org http://www.openwall.com/lists/oss-security/2024/05/30/1 [No types assigned] -
CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Jun. 10, 2024
Action Type Old Value New Value Added Reference kernel.org http://www.openwall.com/lists/oss-security/2024/05/30/2 [No types assigned] -
CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
May. 29, 2024
Action Type Old Value New Value -
CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
May. 17, 2024
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix reserve_cblocks counting error when out of space When a file only needs one direct_node, performing the following operations will cause the file to be unrepairable: unisoc # ./f2fs_io compress test.apk unisoc #df -h | grep dm-48 /dev/block/dm-48 112G 112G 1.2M 100% /data unisoc # ./f2fs_io release_cblocks test.apk 924 unisoc # df -h | grep dm-48 /dev/block/dm-48 112G 112G 4.8M 100% /data unisoc # dd if=/dev/random of=file4 bs=1M count=3 3145728 bytes (3.0 M) copied, 0.025 s, 120 M/s unisoc # df -h | grep dm-48 /dev/block/dm-48 112G 112G 1.8M 100% /data unisoc # ./f2fs_io reserve_cblocks test.apk F2FS_IOC_RESERVE_COMPRESS_BLOCKS failed: No space left on device adb reboot unisoc # df -h | grep dm-48 /dev/block/dm-48 112G 112G 11M 100% /data unisoc # ./f2fs_io reserve_cblocks test.apk 0 This is because the file has only one direct_node. After returning to -ENOSPC, reserved_blocks += ret will not be executed. As a result, the reserved_blocks at this time is still 0, which is not the real number of reserved blocks. Therefore, fsck cannot be set to repair the file. After this patch, the fsck flag will be set to fix this problem. unisoc # df -h | grep dm-48 /dev/block/dm-48 112G 112G 1.8M 100% /data unisoc # ./f2fs_io reserve_cblocks test.apk F2FS_IOC_RESERVE_COMPRESS_BLOCKS failed: No space left on device adb reboot then fsck will be executed unisoc # df -h | grep dm-48 /dev/block/dm-48 112G 112G 11M 100% /data unisoc # ./f2fs_io reserve_cblocks test.apk 924 Added Reference kernel.org https://git.kernel.org/stable/c/fa3ac8b1a227d9b470b87972494293348b5839ee [No types assigned] Added Reference kernel.org https://git.kernel.org/stable/c/889846dfc8ee2cf31148a44bfd2faeb2faadc685 [No types assigned] Added Reference kernel.org https://git.kernel.org/stable/c/f0bf89e84c3afb79d7a3a9e4bc853ad6a3245c0a [No types assigned] Added Reference kernel.org https://git.kernel.org/stable/c/569c198c9e2093fd29cc071856a4e548fda506bc [No types assigned] Added Reference kernel.org https://git.kernel.org/stable/c/fc0aed88afbf6f606205129a7466eebdf528e3f3 [No types assigned] Added Reference kernel.org https://git.kernel.org/stable/c/2f6d721e14b69d6e1251f69fa238b48e8374e25f [No types assigned]
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-35844
is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-35844
weaknesses.