Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption by fallocate When fallocate punches holes out of inode size, if original isize is in the middle of last cluster, then the part from isize to the end of the cluster will be zeroed with buffer write, at that time isize is not yet updated to match the new size, if writeback is kicked in, it will invoke ocfs2_writepage()->block_write_full_page() where the pages out of inode size will be dropped. That will cause file corruption. Fix this by zero out eof blocks when extending the inode size. Running the following command with qemu-image 4.2.1 can get a corrupted coverted image file easily. qemu-img convert -p -t none -T none -f qcow2 $qcow_image \ -O qcow2 -o compat=1.1 $qcow_image.conv The usage of fallocate in qemu is like this, it first punches holes out of inode size, then extend the inode size. fallocate(11, FALLOC_FL_KEEP_SIZE|FALLOC_FL_PUNCH_HOLE, 2276196352, 65536) = 0 fallocate(11, 0, 2276196352, 65536) = 0 v1: https://www.spinics.net/lists/linux-fsdevel/msg193999.html v2: https://lore.kernel.org/linux-fsdevel/[email protected]/T/
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | < 4.4.272 |
References
- https://git.kernel.org/stable/c/0a31dd6fd2f4e7db538fb6eb1f06973d81f8dd3bPatch
- https://git.kernel.org/stable/c/33e03adafb29eedae1bae9cdb50c1385279fcf65Patch
- https://git.kernel.org/stable/c/624fa7baa3788dc9e57840ba5b94bc22b03cda57Patch
- https://git.kernel.org/stable/c/6bba4471f0cc1296fe3c2089b9e52442d3074b2ePatch
- https://git.kernel.org/stable/c/a1700479524bb9cb5e8ae720236a6fabd003acaePatch
- https://git.kernel.org/stable/c/c8d5faee46242c3f33b8a71a4d7d52214785bfccPatch
- https://git.kernel.org/stable/c/cc2edb99ea606a45182b5ea38cc8f4e583aa0774Patch
- https://git.kernel.org/stable/c/cec4e857ffaa8c447f51cd8ab4e72350077b6770Patch
- https://git.kernel.org/stable/c/0a31dd6fd2f4e7db538fb6eb1f06973d81f8dd3bPatch
- https://git.kernel.org/stable/c/33e03adafb29eedae1bae9cdb50c1385279fcf65Patch
- https://git.kernel.org/stable/c/624fa7baa3788dc9e57840ba5b94bc22b03cda57Patch
- https://git.kernel.org/stable/c/6bba4471f0cc1296fe3c2089b9e52442d3074b2ePatch
- https://git.kernel.org/stable/c/a1700479524bb9cb5e8ae720236a6fabd003acaePatch
- https://git.kernel.org/stable/c/c8d5faee46242c3f33b8a71a4d7d52214785bfccPatch
- https://git.kernel.org/stable/c/cc2edb99ea606a45182b5ea38cc8f4e583aa0774Patch
FAQ
What is CVE-2021-47114?
CVE-2021-47114 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption by fallocate When fallocate punches holes out of inode size, if original isize is in the middle of last...
How severe is CVE-2021-47114?
CVE-2021-47114 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-47114?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.