CVE-2021-47007 in Linux
Summary
by MITRE • 02/28/2024
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix panic during f2fs_resize_fs()
f2fs_resize_fs() hangs in below callstack with testcase: - mkfs 16GB image & mount image - dd 8GB fileA - dd 8GB fileB - sync - rm fileA - sync - resize filesystem to 8GB
kernel BUG at segment.c:2484! Call Trace: allocate_segment_by_default+0x92/0xf0 [f2fs]
f2fs_allocate_data_block+0x44b/0x7e0 [f2fs]
do_write_page+0x5a/0x110 [f2fs]
f2fs_outplace_write_data+0x55/0x100 [f2fs]
f2fs_do_write_data_page+0x392/0x850 [f2fs]
move_data_page+0x233/0x320 [f2fs]
do_garbage_collect+0x14d9/0x1660 [f2fs]
free_segment_range+0x1f7/0x310 [f2fs]
f2fs_resize_fs+0x118/0x330 [f2fs]
__f2fs_ioctl+0x487/0x3680 [f2fs]
__x64_sys_ioctl+0x8e/0xd0 do_syscall_64+0x33/0x80 entry_SYSCALL_64_after_hwframe+0x44/0xa9
The root cause is we forgot to check that whether we have enough space in resized filesystem to store all valid blocks in before-resizing filesystem, then allocator will run out-of-space during block migration in free_segment_range().
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 08/10/2025
The vulnerability CVE-2021-47007 represents a critical panic condition in the Linux kernel's f2fs (Flash-Friendly File System) implementation that occurs during filesystem resizing operations. This issue manifests when the f2fs_resize_fs() function attempts to reduce the size of an f2fs filesystem while there are still valid data blocks that need to be migrated to the new smaller space. The problem specifically arises in scenarios where a large filesystem is created, populated with substantial data, and then resized to a smaller size, creating a situation where the existing data cannot be properly relocated within the constrained space. The vulnerability is classified under CWE-129 as an "Improper Validation of Array Index" and more specifically relates to improper validation of filesystem space allocation during resize operations.
The technical flaw occurs in the segment.c file at line 2484 where a kernel BUG is triggered during the allocation process. The call stack reveals that the panic originates from allocate_segment_by_default() function which is invoked during the f2fs_resize_fs() operation. The core issue stems from the f2fs filesystem's failure to validate whether sufficient space exists in the resized filesystem to accommodate all valid blocks from the original filesystem before attempting the resize operation. This validation gap becomes critical when the resize operation requires data migration, particularly during the free_segment_range() phase where the system attempts to reclaim segments that contain valid data blocks that need to be moved to the new filesystem structure. The system enters an infinite loop or deadlock condition when it attempts to allocate blocks for data migration but encounters an out-of-space condition during the migration process.
The operational impact of this vulnerability is severe as it can cause complete system crashes or panics when legitimate filesystem resize operations are performed on f2fs filesystems. Attackers could potentially exploit this vulnerability by crafting specific sequences of operations that trigger the resize scenario, leading to denial of service conditions that affect the entire system. The vulnerability affects systems using f2fs filesystems that support online resizing operations, making it particularly concerning for embedded systems, mobile devices, and servers that rely on f2fs for storage management. The panic condition essentially renders the filesystem unusable until the system is rebooted, creating significant downtime and potential data loss scenarios.
Mitigation strategies for CVE-2021-47007 should focus on ensuring proper validation of filesystem space requirements before initiating resize operations. The most effective approach involves implementing comprehensive space checking mechanisms that verify sufficient allocation capacity exists before allowing filesystem resizing to proceed. System administrators should ensure their systems are updated with patches that address this specific validation gap in the f2fs implementation. Additionally, monitoring and logging should be implemented to detect unusual filesystem resize patterns that might indicate attempted exploitation. The fix should be integrated with standard security practices such as those outlined in the MITRE ATT&CK framework under the T1499 category for network denial of service attacks, as this vulnerability can be leveraged to cause system-wide availability issues. Organizations should also consider implementing filesystem monitoring tools that can detect and alert on filesystem resize operations that exceed normal parameters, providing early warning of potential exploitation attempts.