CVE - CVE-2024-35844

CVE-ID
CVE-2024-35844	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix reserve_cblocks counting error when out of space When a file only needs one direct_node, performing the following operations will cause the file to be unrepairable: unisoc # ./f2fs_io compress test.apk unisoc #df -h \| grep dm-48 /dev/block/dm-48 112G 112G 1.2M 100% /data unisoc # ./f2fs_io release_cblocks test.apk 924 unisoc # df -h \| grep dm-48 /dev/block/dm-48 112G 112G 4.8M 100% /data unisoc # dd if=/dev/random of=file4 bs=1M count=3 3145728 bytes (3.0 M) copied, 0.025 s, 120 M/s unisoc # df -h \| grep dm-48 /dev/block/dm-48 112G 112G 1.8M 100% /data unisoc # ./f2fs_io reserve_cblocks test.apk F2FS_IOC_RESERVE_COMPRESS_BLOCKS failed: No space left on device adb reboot unisoc # df -h \| grep dm-48 /dev/block/dm-48 112G 112G 11M 100% /data unisoc # ./f2fs_io reserve_cblocks test.apk 0 This is because the file has only one direct_node. After returning to -ENOSPC, reserved_blocks += ret will not be executed. As a result, the reserved_blocks at this time is still 0, which is not the real number of reserved blocks. Therefore, fsck cannot be set to repair the file. After this patch, the fsck flag will be set to fix this problem. unisoc # df -h \| grep dm-48 /dev/block/dm-48 112G 112G 1.8M 100% /data unisoc # ./f2fs_io reserve_cblocks test.apk F2FS_IOC_RESERVE_COMPRESS_BLOCKS failed: No space left on device adb reboot then fsck will be executed unisoc # df -h \| grep dm-48 /dev/block/dm-48 112G 112G 11M 100% /data unisoc # ./f2fs_io reserve_cblocks test.apk 924
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/2f6d721e14b69d6e1251f69fa238b48e8374e25f URL:https://git.kernel.org/stable/c/2f6d721e14b69d6e1251f69fa238b48e8374e25f MISC:https://git.kernel.org/stable/c/569c198c9e2093fd29cc071856a4e548fda506bc URL:https://git.kernel.org/stable/c/569c198c9e2093fd29cc071856a4e548fda506bc MISC:https://git.kernel.org/stable/c/889846dfc8ee2cf31148a44bfd2faeb2faadc685 URL:https://git.kernel.org/stable/c/889846dfc8ee2cf31148a44bfd2faeb2faadc685 MISC:https://git.kernel.org/stable/c/f0bf89e84c3afb79d7a3a9e4bc853ad6a3245c0a URL:https://git.kernel.org/stable/c/f0bf89e84c3afb79d7a3a9e4bc853ad6a3245c0a MISC:https://git.kernel.org/stable/c/fa3ac8b1a227d9b470b87972494293348b5839ee URL:https://git.kernel.org/stable/c/fa3ac8b1a227d9b470b87972494293348b5839ee MISC:https://git.kernel.org/stable/c/fc0aed88afbf6f606205129a7466eebdf528e3f3 URL:https://git.kernel.org/stable/c/fc0aed88afbf6f606205129a7466eebdf528e3f3 MLIST:[oss-security] 20240530 Re: List linux CVEs for a given stable release? URL:http://www.openwall.com/lists/oss-security/2024/05/30/1 MLIST:[oss-security] 20240530 Re: List linux CVEs for a given stable release? URL:http://www.openwall.com/lists/oss-security/2024/05/30/2
Assigning CNA
kernel.org
Date Record Created
20240517	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240517)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)