GHSA-44MR-328W-2Q72
Vulnerability from github – Published: 2024-02-27 21:31 – Updated: 2024-02-27 21:31
VLAI?
Details
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix check to prevent false positive report of incorrect used inodes
Commit <50122847007> ("ext4: fix check to prevent initializing reserved inodes") check the block group zero and prevent initializing reserved inodes. But in some special cases, the reserved inode may not all belong to the group zero, it may exist into the second group if we format filesystem below.
mkfs.ext4 -b 4096 -g 8192 -N 1024 -I 4096 /dev/sda
So, it will end up triggering a false positive report of a corrupted file system. This patch fix it by avoid check reserved inodes if no free inode blocks will be zeroed.
{
"affected": [],
"aliases": [
"CVE-2021-46946"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-27T19:04:06Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix check to prevent false positive report of incorrect used inodes\n\nCommit \u003c50122847007\u003e (\"ext4: fix check to prevent initializing reserved\ninodes\") check the block group zero and prevent initializing reserved\ninodes. But in some special cases, the reserved inode may not all belong\nto the group zero, it may exist into the second group if we format\nfilesystem below.\n\n mkfs.ext4 -b 4096 -g 8192 -N 1024 -I 4096 /dev/sda\n\nSo, it will end up triggering a false positive report of a corrupted\nfile system. This patch fix it by avoid check reserved inodes if no free\ninode blocks will be zeroed.",
"id": "GHSA-44mr-328w-2q72",
"modified": "2024-02-27T21:31:26Z",
"published": "2024-02-27T21:31:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46946"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/098b257563b959f4ca6c1d82fde0ee727792cb19"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/539ba4ebc467260225898e67ea53cbb73308f894"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7687f5aba0f50c7ff8040e506bae184e59c8e7b8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9c61387630a54e35b96a90608aafd369ffb86f39"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a149d2a5cabbf6507a7832a1c4fd2593c55fd450"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d2e121be8d318524a61e13ca15b5bfab2d0b63c7"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e18d76a12b34791bc0318a0e0c0fa5863cd8dabf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e70db6e43286a17c3dfc840fcee662de183b6a81"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f42789ee5f96743cdb5f69445cab3609458733f7"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…