CVE-2021-47117: ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed
First published: Fri Mar 15 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed We got follow bug_on when run fsstress with injecting IO fault: [130747.323114] kernel BUG at fs/ext4/extents_status.c:762! [130747.323117] Internal error: Oops - BUG: 0 [#1] SMP ...... [130747.334329] Call trace: [130747.334553] ext4_es_cache_extent+0x150/0x168 [ext4] [130747.334975] ext4_cache_extents+0x64/0xe8 [ext4] [130747.335368] ext4_find_extent+0x300/0x330 [ext4] [130747.335759] ext4_ext_map_blocks+0x74/0x1178 [ext4] [130747.336179] ext4_map_blocks+0x2f4/0x5f0 [ext4] [130747.336567] ext4_mpage_readpages+0x4a8/0x7a8 [ext4] [130747.336995] ext4_readpage+0x54/0x100 [ext4] [130747.337359] generic_file_buffered_read+0x410/0xae8 [130747.337767] generic_file_read_iter+0x114/0x190 [130747.338152] ext4_file_read_iter+0x5c/0x140 [ext4] [130747.338556] __vfs_read+0x11c/0x188 [130747.338851] vfs_read+0x94/0x150 [130747.339110] ksys_read+0x74/0xf0 This patch's modification is according to Jan Kara's suggestion in: https://patchwork.ozlabs.org/project/linux-ext4/patch/20210428085158.3728201-1-yebin10@huawei.com/ "I see. Now I understand your patch. Honestly, seeing how fragile is trying to fix extent tree after split has failed in the middle, I would probably go even further and make sure we fix the tree properly in case of ENOSPC and EDQUOT (those are easily user triggerable). Anything else indicates a HW problem or fs corruption so I'd rather leave the extent tree as is and don't try to fix it (which also means we will not create overlapping extents)."
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | ||
| Linux Kernel | <4.4.272 | |
| Linux Kernel | >=4.5<4.9.272 | |
| Linux Kernel | >=4.10<4.14.236 | |
| Linux Kernel | >=4.15<4.19.194 | |
| Linux Kernel | >=4.20<5.4.125 | |
| Linux Kernel | >=5.5<5.10.43 | |
| Linux Kernel | >=5.11<5.12.10 | |
| Linux Kernel | =5.13-rc1 | |
| Linux Kernel | =5.13-rc2 | |
| Linux Kernel | =5.13-rc3 | |
| Linux Kernel | =5.13-rc4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/e33bafad30d34cfa5e9787cb099cab05e2677fcb
- https://git.kernel.org/stable/c/5b3a9a2be59478b013a430ac57b0f3d65471b071
- https://git.kernel.org/stable/c/d8116743ef5432336289256b2f7c117299213eb9
- https://git.kernel.org/stable/c/569496aa3776eea1ff0d49d0174ac1b7e861e107
- https://git.kernel.org/stable/c/920697b004e49cb026e2e15fe91be065bf0741b7
- https://git.kernel.org/stable/c/d3b668b96ad3192c0581a248ae2f596cd054792a
- https://git.kernel.org/stable/c/48105dc98c9ca35af418746277b087cb2bc6df7c
- https://git.kernel.org/stable/c/082cd4ec240b8734a82a89ffb890216ac98fec68
Frequently Asked Questions
What is the severity of CVE-2021-47117?
CVE-2021-47117 has been rated as a vulnerability that could lead to a kernel crash under certain conditions.
How do I fix CVE-2021-47117?
To fix CVE-2021-47117, you should update your Linux kernel to a version that contains the patch addressing this vulnerability.
Which versions of the Linux kernel are affected by CVE-2021-47117?
CVE-2021-47117 affects multiple versions of the Linux kernel, specifically those prior to the patched versions mentioned in the security update.
What are the potential impacts of exploiting CVE-2021-47117?
Exploitation of CVE-2021-47117 could lead to system instability, including crashes during file system operations.
Is there a known exploit for CVE-2021-47117?
As of now, there are no publicly disclosed exploits specifically targeting CVE-2021-47117.
- agent/title
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/severity
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/event
- agent/tags
- collector/nvd-api
- source/NVD
- vendor/linux
- canonical/linux kernel
- version/linux kernel/4.5
- version/linux kernel/4.10
- version/linux kernel/4.15
- version/linux kernel/4.20
- version/linux kernel/5.5
- version/linux kernel/5.11
- version/linux kernel/5.13-rc1
- version/linux kernel/5.13-rc2
- version/linux kernel/5.13-rc3
- version/linux kernel/5.13-rc4