摘要:
In the Linux kernel, the following vulnerability has been resolved:erofs: fix inconsistent per-file compression formatEROFS can select compression algorithms on a per-file basis, and eachper-file compression algorithm needs to be marked in the on-disksuperblock for initialization.However, syzkaller can generate inconsistent crafted images that usean unsupported algorithmtype for specific inodes, e.g. use MicroLZMAalgorithmtype even it s not set in `sbi->available_compr_algs`. Thiscan lead to an unexpected BUG: kernel NULL pointer dereference ifthe corresponding decompressor isn t built-in.Fix this by checking against `sbi->available_compr_algs` for eachm_algorithmformat request. Incorrect !erofs_sb_has_compr_cfgs presetbitmap is now fixed together since it was harmless previously.
安全等级: Low
公告ID: KylinSec-SA-2024-2230
发布日期: 2024年5月27日
关联CVE: CVE-2024-26590
In the Linux kernel, the following vulnerability has been resolved:erofs: fix inconsistent per-file compression formatEROFS can select compression algorithms on a per-file basis, and eachper-file compression algorithm needs to be marked in the on-disksuperblock for initialization.However, syzkaller can generate inconsistent crafted images that usean unsupported algorithmtype for specific inodes, e.g. use MicroLZMAalgorithmtype even it s not set in `sbi->available_compr_algs`. Thiscan lead to an unexpected BUG: kernel NULL pointer dereference ifthe corresponding decompressor isn t built-in.Fix this by checking against `sbi->available_compr_algs` for eachm_algorithmformat request. Incorrect !erofs_sb_has_compr_cfgs presetbitmap is now fixed together since it was harmless previously.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2024-26590 | KY3.4-4A | kernel | Unaffected |
| CVE-2024-26590 | KY3.4-5A | kernel | Unaffected |
| CVE-2024-26590 | KY3.5.1 | kernel | Unaffected |
