Description

In the Linux kernel, the following vulnerability has been resolved: nfsd: map the EBADMSG to nfserr_io to avoid warning Ext4 will throw -EBADMSG through ext4_readdir when a checksum error occurs, resulting in the following WARNING. Fix it by mapping EBADMSG to nfserr_io. nfsd_buffered_readdir iterate_dir // -EBADMSG -74 ext4_readdir // .iterate_shared ext4_dx_readdir ext4_htree_fill_tree htree_dirblock_to_tree ext4_read_dirblock __ext4_read_dirblock ext4_dirblock_csum_verify warn_no_space_for_csum __warn_no_space_for_csum return ERR_PTR(-EFSBADCRC) // -EBADMSG -74 nfserrno // WARNING [ 161.115610] ------------[ cut here ]------------ [ 161.116465] nfsd: non-standard errno: -74 [ 161.117315] WARNING: CPU: 1 PID: 780 at fs/nfsd/nfsproc.c:878 nfserrno+0x9d/0xd0 [ 161.118596] Modules linked in: [ 161.119243] CPU: 1 PID: 780 Comm: nfsd Not tainted 5.10.0-00014-g79679361fd5d #138 [ 161.120684] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qe mu.org 04/01/2014 [ 161.123601] RIP: 0010:nfserrno+0x9d/0xd0 [ 161.124676] Code: 0f 87 da 30 dd 00 83 e3 01 b8 00 00 00 05 75 d7 44 89 ee 48 c7 c7 c0 57 24 98 89 44 24 04 c6 05 ce 2b 61 03 01 e8 99 20 d8 00 <0f> 0b 8b 44 24 04 eb b5 4c 89 e6 48 c7 c7 a0 6d a4 99 e8 cc 15 33 [ 161.127797] RSP: 0018:ffffc90000e2f9c0 EFLAGS: 00010286 [ 161.128794] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 161.130089] RDX: 1ffff1103ee16f6d RSI: 0000000000000008 RDI: fffff520001c5f2a [ 161.131379] RBP: 0000000000000022 R08: 0000000000000001 R09: ffff8881f70c1827 [ 161.132664] R10: ffffed103ee18304 R11: 0000000000000001 R12: 0000000000000021 [ 161.133949] R13: 00000000ffffffb6 R14: ffff8881317c0000 R15: ffffc90000e2fbd8 [ 161.135244] FS: 0000000000000000(0000) GS:ffff8881f7080000(0000) knlGS:0000000000000000 [ 161.136695] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.137761] CR2: 00007fcaad70b348 CR3: 0000000144256006 CR4: 0000000000770ee0 [ 161.139041] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 161.140291] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 161.141519] PKRU: 55555554 [ 161.142076] Call Trace: [ 161.142575] ? __warn+0x9b/0x140 [ 161.143229] ? nfserrno+0x9d/0xd0 [ 161.143872] ? report_bug+0x125/0x150 [ 161.144595] ? handle_bug+0x41/0x90 [ 161.145284] ? exc_invalid_op+0x14/0x70 [ 161.146009] ? asm_exc_invalid_op+0x12/0x20 [ 161.146816] ? nfserrno+0x9d/0xd0 [ 161.147487] nfsd_buffered_readdir+0x28b/0x2b0 [ 161.148333] ? nfsd4_encode_dirent_fattr+0x380/0x380 [ 161.149258] ? nfsd_buffered_filldir+0xf0/0xf0 [ 161.150093] ? wait_for_concurrent_writes+0x170/0x170 [ 161.151004] ? generic_file_llseek_size+0x48/0x160 [ 161.151895] nfsd_readdir+0x132/0x190 [ 161.152606] ? nfsd4_encode_dirent_fattr+0x380/0x380 [ 161.153516] ? nfsd_unlink+0x380/0x380 [ 161.154256] ? override_creds+0x45/0x60 [ 161.155006] nfsd4_encode_readdir+0x21a/0x3d0 [ 161.155850] ? nfsd4_encode_readlink+0x210/0x210 [ 161.156731] ? write_bytes_to_xdr_buf+0x97/0xe0 [ 161.157598] ? __write_bytes_to_xdr_buf+0xd0/0xd0 [ 161.158494] ? lock_downgrade+0x90/0x90 [ 161.159232] ? nfs4svc_decode_voidarg+0x10/0x10 [ 161.160092] nfsd4_encode_operation+0x15a/0x440 [ 161.160959] nfsd4_proc_compound+0x718/0xe90 [ 161.161818] nfsd_dispatch+0x18e/0x2c0 [ 161.162586] svc_process_common+0x786/0xc50 [ 161.163403] ? nfsd_svc+0x380/0x380 [ 161.164137] ? svc_printk+0x160/0x160 [ 161.164846] ? svc_xprt_do_enqueue.part.0+0x365/0x380 [ 161.165808] ? nfsd_svc+0x380/0x380 [ 161.166523] ? rcu_is_watching+0x23/0x40 [ 161.167309] svc_process+0x1a5/0x200 [ 161.168019] nfsd+0x1f5/0x380 [ 161.168663] ? nfsd_shutdown_threads+0x260/0x260 [ 161.169554] kthread+0x1c4/0x210 [ 161.170224] ? kthread_insert_work_sanity_check+0x80/0x80 [ 161.171246] ret_from_fork+0x1f/0x30

Metrics

 

CVSS Version 4.0 CVSS Version 3.x CVSS Version 2.0

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score:  5.5 MEDIUM

Vector:  CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS 2.0 Severity and Vector Strings:

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink	Resource
https://git.kernel.org/stable/c/0ea4333c679f333e23956de743ad17387819d3f2	Patch
https://git.kernel.org/stable/c/340e61e44c1d2a15c42ec72ade9195ad525fd048	Patch
https://git.kernel.org/stable/c/6fe058502f8864649c3d614b06b2235223798f48	Patch
https://git.kernel.org/stable/c/825789ca94602543101045ad3aad19b2b60c6b2a	Patch
https://git.kernel.org/stable/c/c76005adfa93d1a027433331252422078750321f	Patch
https://git.kernel.org/stable/c/e9cfecca22a36b927a440abc6307efb9e138fed5	Patch
https://git.kernel.org/stable/c/f7d8ee9db94372b8235f5f22bb24381891594c42	Patch

Weakness Enumeration

CWE-ID	CWE Name	Source
CWE-354	Improper Validation of Integrity Check Value	NIST

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

2 change records found show changes

Initial Analysis by NIST 10/24/2024 4:13:50 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		Record truncated, showing 500 of 626 characters. View Entire Change Record OR *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to (excluding) 5.10.227 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 up to (excluding) 5.15.168 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 up to (excluding) 6.1.113 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2 up to (excluding) 6.6.55 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.7 up to
Added	CVSS V3.1		NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Added	CWE		NIST CWE-354
Changed	Reference Type	https://git.kernel.org/stable/c/0ea4333c679f333e23956de743ad17387819d3f2 No Types Assigned	https://git.kernel.org/stable/c/0ea4333c679f333e23956de743ad17387819d3f2 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/340e61e44c1d2a15c42ec72ade9195ad525fd048 No Types Assigned	https://git.kernel.org/stable/c/340e61e44c1d2a15c42ec72ade9195ad525fd048 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/6fe058502f8864649c3d614b06b2235223798f48 No Types Assigned	https://git.kernel.org/stable/c/6fe058502f8864649c3d614b06b2235223798f48 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/825789ca94602543101045ad3aad19b2b60c6b2a No Types Assigned	https://git.kernel.org/stable/c/825789ca94602543101045ad3aad19b2b60c6b2a Patch
Changed	Reference Type	https://git.kernel.org/stable/c/c76005adfa93d1a027433331252422078750321f No Types Assigned	https://git.kernel.org/stable/c/c76005adfa93d1a027433331252422078750321f Patch
Changed	Reference Type	https://git.kernel.org/stable/c/e9cfecca22a36b927a440abc6307efb9e138fed5 No Types Assigned	https://git.kernel.org/stable/c/e9cfecca22a36b927a440abc6307efb9e138fed5 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/f7d8ee9db94372b8235f5f22bb24381891594c42 No Types Assigned	https://git.kernel.org/stable/c/f7d8ee9db94372b8235f5f22bb24381891594c42 Patch

New CVE Received by NIST 10/21/2024 2:15:09 PM

Action	Type	Old Value	New Value
Added	Description		Record truncated, showing 500 of 3971 characters. View Entire Change Record In the Linux kernel, the following vulnerability has been resolved: nfsd: map the EBADMSG to nfserr_io to avoid warning Ext4 will throw -EBADMSG through ext4_readdir when a checksum error occurs, resulting in the following WARNING. Fix it by mapping EBADMSG to nfserr_io. nfsd_buffered_readdir iterate_dir // -EBADMSG -74 ext4_readdir // .iterate_shared ext4_dx_readdir ext4_htree_fill_tree htree_dirblock_to_tree ext4_read_dirblock __ext4_read_dirblock ext4_d
Added	Reference		kernel.org https://git.kernel.org/stable/c/0ea4333c679f333e23956de743ad17387819d3f2 [No types assigned]
Added	Reference		kernel.org https://git.kernel.org/stable/c/340e61e44c1d2a15c42ec72ade9195ad525fd048 [No types assigned]
Added	Reference		kernel.org https://git.kernel.org/stable/c/6fe058502f8864649c3d614b06b2235223798f48 [No types assigned]
Added	Reference		kernel.org https://git.kernel.org/stable/c/825789ca94602543101045ad3aad19b2b60c6b2a [No types assigned]
Added	Reference		kernel.org https://git.kernel.org/stable/c/c76005adfa93d1a027433331252422078750321f [No types assigned]
Added	Reference		kernel.org https://git.kernel.org/stable/c/e9cfecca22a36b927a440abc6307efb9e138fed5 [No types assigned]
Added	Reference		kernel.org https://git.kernel.org/stable/c/f7d8ee9db94372b8235f5f22bb24381891594c42 [No types assigned]