CVE-2024-42297 in Linux

Summary

by MITRE • 08/17/2024

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to don't dirty inode for readonly filesystem

syzbot reports f2fs bug as below:

kernel BUG at fs/f2fs/inode.c:933!
RIP: 0010:f2fs_evict_inode+0x1576/0x1590 fs/f2fs/inode.c:933
Call Trace:
 evict+0x2a4/0x620 fs/inode.c:664
 dispose_list fs/inode.c:697 [inline]
 evict_inodes+0x5f8/0x690 fs/inode.c:747
 generic_shutdown_super+0x9d/0x2c0 fs/super.c:675
 kill_block_super+0x44/0x90 fs/super.c:1667
 kill_f2fs_super+0x303/0x3b0 fs/f2fs/super.c:4894
 deactivate_locked_super+0xc1/0x130 fs/super.c:484
 cleanup_mnt+0x426/0x4c0 fs/namespace.c:1256
 task_work_run+0x24a/0x300 kernel/task_work.c:180
 ptrace_notify+0x2cd/0x380 kernel/signal.c:2399
 ptrace_report_syscall include/linux/ptrace.h:411 [inline]
 ptrace_report_syscall_exit include/linux/ptrace.h:473 [inline]
 syscall_exit_work kernel/entry/common.c:251 [inline]
 syscall_exit_to_user_mode_prepare kernel/entry/common.c:278 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:283 [inline]
 syscall_exit_to_user_mode+0x15c/0x280 kernel/entry/common.c:296
 do_syscall_64+0x50/0x110 arch/x86/entry/common.c:88
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

The root cause is:
- do_sys_open
 - f2fs_lookup
  - __f2fs_find_entry
   - f2fs_i_depth_write
    - f2fs_mark_inode_dirty_sync
     - f2fs_dirty_inode
      - set_inode_flag(inode, FI_DIRTY_INODE)

- umount
 - kill_f2fs_super
  - kill_block_super
   - generic_shutdown_super
    - sync_filesystem
    : sb is readonly, skip sync_filesystem()
    - evict_inodes
     - iput
      - f2fs_evict_inode
       - f2fs_bug_on(sbi, is_inode_flag_set(inode, FI_DIRTY_INODE))
       : trigger kernel panic

When we try to repair i_current_depth in readonly filesystem, let's skip dirty inode to avoid panic in later f2fs_evict_inode().


Analysis

by VulDB Data Team • 02/01/2026

The vulnerability described in CVE-2024-42297 affects the Linux kernel's f2fs (Flash-Friendly File System) implementation and represents a critical issue that can lead to system crashes through kernel panics. The flaw manifests when a read-only f2fs filesystem is unmounted: inode state is mishandled during the eviction process. The root cause lies in the incorrect assumption that inodes marked as dirty during filesystem operations can be safely processed even in read-only contexts, which violates fundamental filesystem integrity principles.

The technical execution path begins with a sequence of system calls that ends with an inode being marked dirty on a read-only filesystem. During file operations such as do_sys_open, followed by f2fs_lookup and __f2fs_find_entry, the kernel attempts to update inode metadata, including depth tracking, through f2fs_i_depth_write. That call reaches f2fs_mark_inode_dirty_sync, which in turn calls f2fs_dirty_inode and sets the FI_DIRTY_INODE flag on the inode. When the filesystem is later unmounted, kill_f2fs_super starts the shutdown sequence; sync_filesystem is skipped for read-only filesystems, as expected. The subsequent evict_inodes pass, however, processes every inode, including the dirty one, and f2fs_evict_inode panics when it encounters an inode carrying the FI_DIRTY_INODE flag, which should never be present in read-only operation.

This vulnerability directly affects system stability and availability: the kernel panic is a complete system crash. It occurs at a critical point in the filesystem shutdown sequence, at fs/f2fs/inode.c line 933, where a kernel BUG_ON condition fails because a dirty flag is present on an inode that should never have been marked dirty during read-only operation. This is a violation of filesystem consistency principles: inode metadata should not be modified on read-only volumes, and the kernel's handling of the resulting state fails to keep read-only and read-write operations properly isolated.

The operational impact of this vulnerability extends beyond simple system crashes to potentially expose systems to denial-of-service conditions, particularly in embedded systems or environments where reliable filesystem operations are critical. Attackers could potentially exploit this by mounting read-only f2fs filesystems and then triggering unmount operations to cause system panics, leading to service disruption. The flaw also demonstrates a failure in proper state management and validation within the kernel's filesystem subsystem, specifically in how it handles inode flags during different filesystem access modes. This issue aligns with CWE-129, which addresses improper validation of input, and relates to ATT&CK technique T1490, which involves data destruction through system crashes or corruption.

The recommended mitigation is to apply the kernel patch that changes the f2fs implementation to skip dirty-inode operations on read-only filesystems, so that the later unmount does not panic. This confines inode metadata updates to read-write contexts and prevents a dirty flag from being set on an inode during read-only operation. System administrators should also ensure that all systems running affected kernel versions receive timely updates, particularly where f2fs filesystems are used in production. The fix targets the problematic code path directly: the inode handling logic now recognizes that it is operating on a read-only filesystem and skips the dirty-inode marking, so the subsequent shutdown sequence no longer panics.
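The two call chains described in the summary and the analysis above, as an added model in C; this is not kernel code and not the actual patch. A lookup on a read-only superblock dirties the inode, sync_filesystem() is skipped on unmount, and the eviction check fires; the `fixed` flag models the commit's approach of not dirtying the inode on a read-only filesystem. Struct layouts, function bodies and the exact placement of the read-only check are assumptions.

```c
#include <stdbool.h>
/* Constructed model of the CVE-2024-42297 sequence, not kernel code: the
 * names follow the advisory's call chain, the struct layouts are assumed. */
#define FI_DIRTY_INODE 0x1u
#define SB_RDONLY      0x1ul
struct sb    { unsigned long s_flags; };
struct inode { struct sb *i_sb; unsigned int flags; unsigned int i_current_depth; };
static bool f2fs_readonly(const struct sb *sb) { return (sb->s_flags & SB_RDONLY) != 0; }

/* f2fs_i_depth_write -> f2fs_mark_inode_dirty_sync -> f2fs_dirty_inode
 * -> set_inode_flag(inode, FI_DIRTY_INODE) */
static void f2fs_i_depth_write(struct inode *dir, unsigned int depth)
{
	dir->i_current_depth = depth;
	dir->flags |= FI_DIRTY_INODE;
}

/* Lookup side (do_sys_open -> f2fs_lookup -> __f2fs_find_entry) repairing a
 * stale i_current_depth; 'fixed' models the patch: no repair, so no dirtying,
 * on a read-only superblock (assumed placement of the check). */
static void find_entry_repair_depth(struct inode *dir, unsigned int max_depth, bool fixed)
{
	if (dir->i_current_depth == max_depth || (fixed && f2fs_readonly(dir->i_sb)))
		return;		/* read-only: nobody would ever write the inode back */
	f2fs_i_depth_write(dir, max_depth);
}

/* Unmount side (kill_f2fs_super -> generic_shutdown_super): sync_filesystem()
 * is skipped on a read-only sb, then evict_inodes -> f2fs_evict_inode asserts
 * no dirty inode is left: 0 = clean shutdown, -1 = f2fs_bug_on() fires. */
static int shutdown_super(struct sb *sb, struct inode *inodes, int n)
{
	if (!f2fs_readonly(sb))
		for (int i = 0; i < n; i++)
			inodes[i].flags &= ~FI_DIRTY_INODE;	/* written back */
	for (int i = 0; i < n; i++)
		if (inodes[i].flags & FI_DIRTY_INODE)
			return -1;			/* kernel BUG at fs/f2fs/inode.c:933 */
	return 0;
}

/* Replay the syzbot scenario: look up a directory whose depth needs repair on
 * a mount of the given mode, then unmount it. */
static int replay(bool readonly, bool fixed)
{
	struct sb sb = { .s_flags = readonly ? SB_RDONLY : 0 };
	struct inode dir = { .i_sb = &sb, .flags = 0, .i_current_depth = 1 };
	find_entry_repair_depth(&dir, 2, fixed);
	return shutdown_super(&sb, &dir, 1);
}
```

Only the read-only, unpatched combination reaches the BUG: on a read-write mount the skipped-sync step never happens, so the dirty flag is cleared before eviction.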

Responsible: Linux
Reservation: 07/30/2024
Disclosure: 08/17/2024
Moderation: accepted
CPE: ready
EPSS: 0.00237
KEV: no
Activities: very low

Sources
