'[oss-security] CVE-2021-44879: kernel:NULL pointer dereference in fs/f2fs/gc.c:move_data_page'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE-2021-44879: kernel:NULL pointer dereference in fs/f2fs/gc.c:move_data_page
From:       Wenqing Liu <liu () cs ! fsu ! edu>
Date:       2022-02-12 7:04:11
Message-ID: fe41809854d203124f41164b8374456a () cs ! fsu ! edu
[Download RAW message or body]

Description:
In move_data_page in fs/f2fs/gc.c in the Linux kernel 5.15.1-5.15.16, 
there is an NULL pointer dereference when f2fs tries to migrate a block 
that belong to special file, and the file doesn't have assigned address 
space operations pointer array for mapping->a_ops field but called 
a_ops->set_dirty_page(). Could cause denial of service when mounting and 
operate on the crafted image.

References:
https://bugzilla.kernel.org/show_bug.cgi?id=215231
https://lore.kernel.org/linux-f2fs-devel/20211206144421.3735-3-chao@kernel.org/T/
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9056d6489f5a41cfbb67f719d2c0ce61ead72d9f

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic