U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2024-26869

Change History

New CVE Received by NIST 4/17/2024 7:15:09 AM

Action Type Old Value New Value
Added Description

								
							
							
						
In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to truncate meta inode pages forcely

Below race case can cause data corruption:

Thread A				GC thread
					- gc_data_segment
					 - ra_data_block
					  - locked meta_inode page
- f2fs_inplace_write_data
 - invalidate_mapping_pages
 : fail to invalidate meta_inode page
   due to lock failure or dirty|writeback
   status
 - f2fs_submit_page_bio
 : write last dirty data to old blkaddr
					 - move_data_block
					  - load old data from meta_inode page
					  - f2fs_submit_page_write
					  : write old data to new blkaddr

Because invalidate_mapping_pages() will skip invalidating page which
has unclear status including locked, dirty, writeback and so on, so
we need to use truncate_inode_pages_range() instead of
invalidate_mapping_pages() to make sure meta_inode page will be dropped.
Added Reference

								
							
							
						
kernel.org https://git.kernel.org/stable/c/04226d8e3c4028dc451e9d8777356ec0f7919253 [No types assigned]
Added Reference

								
							
							
						
kernel.org https://git.kernel.org/stable/c/77bfdb89cc222fc7bfe198eda77bdc427d5ac189 [No types assigned]
Added Reference

								
							
							
						
kernel.org https://git.kernel.org/stable/c/9f0c4a46be1fe9b97dbe66d49204c1371e3ece65 [No types assigned]
Added Reference

								
							
							
						
kernel.org https://git.kernel.org/stable/c/c92f2927df860a60ba815d3ee610a944b92a8694 [No types assigned]