CVE-2024-47669
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2024-47669 is a vulnerability affecting the Linux kernel's nilfs2 file system. After a commit in 2021, the log writing function nilfs_segctor_do_construct() began issuing I/O requests continuously when user data blocks were split into multiple logs across segments. Two flaws were introduced in the error handling of this function.

Firstly, if nilfs_segctor_begin_construction() fails while creating the second or subsequent logs, nilfs_segctor_do_construct() returns without calling nilfs_segctor_abort_construction(). This leaves writeback flags set on pages/folios, causing page cache operations to hang. For instance, truncate_inode_pages_final() may hang when an inode is evicted from memory.

Secondly, inodes with the NILFS_I_COLLECTED flag set are erroneously removed from the "sc_dirty_files" list if a partial log write is performed that does not involve checkpoint creation. As a result, their data and b-tree blocks may not be written to the device, leading to block mapping corruption.

To address these issues, the loop in nilfs_segctor_do_construct() should uniformly call nilfs_segctor_abort_construction() on failure of each step. This will ensure that logs and segment usages are cleaned up according to the progress, and the conditions for calling nilfs_redirty_inodes() are corrected to ensure the NILFS_I_COLLECTED flag is cleared.
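The first flaw can be illustrated with a small user-space model, added here as an example and not taken from the kernel source or the patch. The struct, the helper names and the two-log layout are assumptions made for the illustration; only the shape of the error path follows the description above.

```c
/* Simplified user-space model of the error path; not kernel code, names are hypothetical. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define NLOGS 2          /* constructed: user data split across two logs */
#define PAGES_PER_LOG 2
#define NPAGES (NLOGS * PAGES_PER_LOG)

struct model {
    bool writeback[NPAGES]; /* stands in for the per-folio writeback flag */
    int fail_at_log;        /* log whose begin step fails, -1 for none */
};

/* Stand-in for the abort step (and for I/O completion): end writeback on all pages. */
static void end_writeback(struct model *m)
{
    memset(m->writeback, 0, sizeof(m->writeback));
}

static int construct(struct model *m, bool fixed)
{
    for (int log = 0; log < NLOGS; log++) {
        if (log == m->fail_at_log) {  /* begin-construction step fails */
            if (fixed)
                end_writeback(m);     /* uniform abort on any failed step */
            return -1;                /* flawed path returns with flags set */
        }
        for (int p = 0; p < PAGES_PER_LOG; p++) /* submit this log */
            m->writeback[log * PAGES_PER_LOG + p] = true;
    }
    end_writeback(m); /* every log written, I/O completes */
    return 0;
}

/* Pages still flagged after construct() returns; a waiter on any of them hangs. */
static int stuck_pages(bool fixed, int fail_at_log)
{
    struct model m = { .fail_at_log = fail_at_log };
    int n = 0;
    construct(&m, fixed);
    for (int i = 0; i < NPAGES; i++)
        n += m.writeback[i];
    return n;
}

int main(void)
{
    printf("flawed: %d stuck, fixed: %d stuck\n",
           stuck_pages(false, 1), stuck_pages(true, 1));
    return 0;
}
```

A failure on the first log leaves nothing flagged in either variant, which matches the summary's statement that the hang needs a failure on the second or a subsequent log.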