Upstream information

CVE-2021-47072 at MITRE

Description

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix removed dentries still existing after log is synced

When we move one inode from one directory to another and both the inode
and its previous parent directory were logged before, we are not supposed
to have the dentry for the old parent if we have a power failure after the
log is synced. Only the new dentry is supposed to exist.

Generally this works correctly, however there is a scenario where this is
not currently working, because the old parent of the file/directory that
was moved is not authoritative for a range that includes the dir index and
dir item keys of the old dentry. This case is better explained with the
following example and reproducer:

# The test requires a very specific layout of keys and items in the
# fs/subvolume btree to trigger the bug. So we want to make sure that
# on whatever platform we are, we have the same leaf/node size.
#
# Currently in btrfs the node/leaf size can not be smaller than the page
# size (but it can be greater than the page size). So use the largest
# supported node/leaf size (64K).

$ mkfs.btrfs -f -n 65536 /dev/sdc
$ mount /dev/sdc /mnt

# "testdir" is inode 257.
$ mkdir /mnt/testdir
$ chmod 755 /mnt/testdir

# Create several empty files to have the directory "testdir" with its
# items spread over several leaves (7 in this case).
$ for ((i = 1; i <= 1200; i++)); do
echo -n > /mnt/testdir/file$i
done

# Create our test directory "dira", inode number 1458, which gets all
# its items in leaf 7.
#
# The BTRFS_DIR_ITEM_KEY item for inode 257 ("testdir") that points to
# the entry named "dira" is in leaf 2, while the BTRFS_DIR_INDEX_KEY
# item that points to that entry is in leaf 3.
#
# For this particular filesystem node size (64K), file count and file
# names, we endup with the directory entry items from inode 257 in
# leaves 2 and 3, as previously mentioned - what matters for triggering
# the bug exercised by this test case is that those items are not placed
# in leaf 1, they must be placed in a leaf different from the one
# containing the inode item for inode 257.
#
# The corresponding BTRFS_DIR_ITEM_KEY and BTRFS_DIR_INDEX_KEY items for
# the parent inode (257) are the following:
#
# item 460 key (257 DIR_ITEM 3724298081) itemoff 48344 itemsize 34
# location key (1458 INODE_ITEM 0) type DIR
# transid 6 data_len 0 name_len 4
# name: dira
#
# and:
#
# item 771 key (257 DIR_INDEX 1202) itemoff 36673 itemsize 34
# location key (1458 INODE_ITEM 0) type DIR
# transid 6 data_len 0 name_len 4
# name: dira

$ mkdir /mnt/testdir/dira

# Make sure everything done so far is durably persisted.
$ sync

# Now do a change to inode 257 ("testdir") that does not result in
# COWing leaves 2 and 3 - the leaves that contain the directory items
# pointing to inode 1458 (directory "dira").
#
# Changing permissions, the owner/group, updating or adding a xattr,
# etc, will not change (COW) leaves 2 and 3. So for the sake of
# simplicity change the permissions of inode 257, which results in
# updating its inode item and therefore change (COW) only leaf 1.

$ chmod 700 /mnt/testdir

# Now fsync directory inode 257.
#
# Since only the first leaf was changed/COWed, we log the inode item of
# inode 257 and only the dentries found in the first leaf, all have a
# key type of BTRFS_DIR_ITEM_KEY, and no keys of type
# BTRFS_DIR_INDEX_KEY, because they sort after the former type and none
# exist in the first leaf.
#
# We also log 3 items that represent ranges for dir items and dir
# indexes for which the log is authoritative:
#
# 1) a key of type BTRFS_DIR_LOG_ITEM_KEY, which indicates the log is
# authoritative for all BTRFS_DIR_ITEM_KEY keys that have an offset
# in the range [0, 2285968570] (the offset here is th
---truncated---

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v3 Scores
  SUSE
Base Score 5.5
Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality Impact None
Integrity Impact None
Availability Impact High
CVSSv3 Version 3.1
SUSE Bugzilla entry: 1220847 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.


Status of this issue by product and package

Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification. The updates are grouped by state of their lifecycle. SUSE product lifecycles are documented on the lifecycle page.

Product(s) Source package State
Products under general support and receiving all security fixes.
SUSE Linux Enterprise Desktop 15 SP5 kernel-default Already fixed
SUSE Linux Enterprise Desktop 15 SP5 kernel-source Already fixed
SUSE Linux Enterprise High Performance Computing 12 SP5 kernel-default Not affected
SUSE Linux Enterprise High Performance Computing 12 SP5 kernel-source Not affected
SUSE Linux Enterprise High Performance Computing 12 SP5 kernel-source-azure Not affected
SUSE Linux Enterprise High Performance Computing 15 SP5 kernel-default Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP5 kernel-source Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP5 kernel-source-azure Already fixed
SUSE Linux Enterprise Micro 5.1 kernel-default Already fixed
SUSE Linux Enterprise Micro 5.1 kernel-rt Already fixed
SUSE Linux Enterprise Micro 5.1 kernel-source-rt Already fixed
SUSE Linux Enterprise Micro 5.2 kernel-default Already fixed
SUSE Linux Enterprise Micro 5.2 kernel-rt Already fixed
SUSE Linux Enterprise Micro 5.2 kernel-source-rt Already fixed
SUSE Linux Enterprise Micro 5.3 kernel-default Already fixed
SUSE Linux Enterprise Micro 5.3 kernel-rt Already fixed
SUSE Linux Enterprise Micro 5.3 kernel-source-rt Already fixed
SUSE Linux Enterprise Micro 5.4 kernel-default Already fixed
SUSE Linux Enterprise Micro 5.4 kernel-rt Already fixed
SUSE Linux Enterprise Micro 5.4 kernel-source-rt Already fixed
SUSE Linux Enterprise Micro 5.5 kernel-source-rt Already fixed
SUSE Linux Enterprise Micro 6.0 kernel-source Already fixed
SUSE Linux Enterprise Micro 6.0 kernel-source-rt Already fixed
SUSE Linux Enterprise Module for Basesystem 15 SP5 kernel-default Already fixed
SUSE Linux Enterprise Module for Basesystem 15 SP5 kernel-source Already fixed
SUSE Linux Enterprise Module for Development Tools 15 SP5 kernel-default Already fixed
SUSE Linux Enterprise Module for Development Tools 15 SP5 kernel-source Already fixed
SUSE Linux Enterprise Module for Public Cloud 15 SP5 kernel-source-azure Already fixed
SUSE Linux Enterprise Real Time 12 SP5 kernel-source-rt Not affected
SUSE Linux Enterprise Real Time 15 SP5 kernel-source-rt Already fixed
SUSE Linux Enterprise Server 12 SP5 kernel-default Not affected
SUSE Linux Enterprise Server 12 SP5 kernel-source Not affected
SUSE Linux Enterprise Server 12 SP5 kernel-source-azure Not affected
SUSE Linux Enterprise Server 12 SP5-LTSS kernel-source Not affected
SUSE Linux Enterprise Server 12 SP5-LTSS kernel-source-azure Not affected
SUSE Linux Enterprise Server 15 SP5 kernel-default Already fixed
SUSE Linux Enterprise Server 15 SP5 kernel-source Already fixed
SUSE Linux Enterprise Server 15 SP5 kernel-source-azure Already fixed
SUSE Linux Enterprise Server for SAP Applications 12 SP5 kernel-default Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP5 kernel-source Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP5 kernel-source-azure Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP5 kernel-default Already fixed
SUSE Linux Enterprise Server for SAP Applications 15 SP5 kernel-source Already fixed
SUSE Linux Enterprise Server for SAP Applications 15 SP5 kernel-source-azure Already fixed
SUSE Manager Proxy 4.3 kernel-default Already fixed
SUSE Manager Proxy 4.3 kernel-source Already fixed
SUSE Manager Proxy 4.3 kernel-source-azure Already fixed
SUSE Manager Retail Branch Server 4.3 kernel-default Already fixed
SUSE Manager Retail Branch Server 4.3 kernel-source Already fixed
SUSE Manager Retail Branch Server 4.3 kernel-source-azure Already fixed
SUSE Manager Server 4.3 kernel-default Already fixed
SUSE Manager Server 4.3 kernel-source Already fixed
SUSE Manager Server 4.3 kernel-source-azure Already fixed
SUSE Real Time Module 15 SP5 kernel-source-rt Already fixed
openSUSE Leap 15.5 kernel-source Already fixed
openSUSE Leap 15.5 kernel-source-azure Already fixed
openSUSE Leap 15.5 kernel-source-rt Already fixed
Products under Long Term Service Pack support and receiving important and critical security fixes.
SUSE Linux Enterprise Desktop 15 SP4 kernel-source Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP2 kernel-source Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP2 kernel-source-azure Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS kernel-source Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS kernel-default Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS kernel-source Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP3 kernel-source Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP3 kernel-source-azure Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS kernel-source Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS kernel-default Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS kernel-source Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP4 kernel-source Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP4 kernel-source-azure Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS kernel-default Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS kernel-source Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS kernel-default Already fixed
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS kernel-source Already fixed
SUSE Linux Enterprise Module for Basesystem 15 SP2 kernel-source Already fixed
SUSE Linux Enterprise Module for Basesystem 15 SP3 kernel-source Already fixed
SUSE Linux Enterprise Module for Basesystem 15 SP4 kernel-source Already fixed
SUSE Linux Enterprise Module for Development Tools 15 SP2 kernel-source Already fixed
SUSE Linux Enterprise Module for Development Tools 15 SP3 kernel-source Already fixed
SUSE Linux Enterprise Module for Development Tools 15 SP4 kernel-source Already fixed
SUSE Linux Enterprise Module for Public Cloud 15 SP4 kernel-source-azure Already fixed
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-default Not affected
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-source Not affected
SUSE Linux Enterprise Server 15 SP2 kernel-source Already fixed
SUSE Linux Enterprise Server 15 SP2 kernel-source-azure Already fixed
SUSE Linux Enterprise Server 15 SP2-LTSS kernel-default Already fixed
SUSE Linux Enterprise Server 15 SP2-LTSS kernel-source Already fixed
SUSE Linux Enterprise Server 15 SP3 kernel-source Already fixed
SUSE Linux Enterprise Server 15 SP3 kernel-source-azure Already fixed
SUSE Linux Enterprise Server 15 SP3-LTSS kernel-default Already fixed
SUSE Linux Enterprise Server 15 SP3-LTSS kernel-source Already fixed
SUSE Linux Enterprise Server 15 SP4 kernel-source Already fixed
SUSE Linux Enterprise Server 15 SP4 kernel-source-azure Already fixed
SUSE Linux Enterprise Server 15 SP4-LTSS kernel-default Already fixed
SUSE Linux Enterprise Server 15 SP4-LTSS kernel-source Already fixed
SUSE Linux Enterprise Server for SAP Applications 15 SP2 kernel-default Already fixed
SUSE Linux Enterprise Server for SAP Applications 15 SP2 kernel-source Already fixed
SUSE Linux Enterprise Server for SAP Applications 15 SP2 kernel-source-azure Already fixed
SUSE Linux Enterprise Server for SAP Applications 15 SP3 kernel-default Already fixed
SUSE Linux Enterprise Server for SAP Applications 15 SP3 kernel-source Already fixed
SUSE Linux Enterprise Server for SAP Applications 15 SP3 kernel-source-azure Already fixed
SUSE Linux Enterprise Server for SAP Applications 15 SP4 kernel-default Already fixed
SUSE Linux Enterprise Server for SAP Applications 15 SP4 kernel-source Already fixed
SUSE Linux Enterprise Server for SAP Applications 15 SP4 kernel-source-azure Already fixed
Products past their end of life and not receiving proactive updates anymore.
HPE Helion OpenStack 8 kernel-source Not affected
SUSE CaaS Platform 4.0 kernel-source Not affected
SUSE CaaS Platform Toolchain 3 kernel-source Not affected
SUSE Enterprise Storage 6 kernel-source Not affected
SUSE Enterprise Storage 7 kernel-source Already fixed
SUSE Enterprise Storage 7 kernel-source-azure Already fixed
SUSE Enterprise Storage 7.1 kernel-default Already fixed
SUSE Enterprise Storage 7.1 kernel-source Already fixed
SUSE Enterprise Storage 7.1 kernel-source-azure Already fixed
SUSE Linux Enterprise Desktop 11 SP4 kernel-source Not affected
SUSE Linux Enterprise Desktop 12 SP2 kernel-source Not affected
SUSE Linux Enterprise Desktop 12 SP3 kernel-source Not affected
SUSE Linux Enterprise Desktop 12 SP4 kernel-source Not affected
SUSE Linux Enterprise Desktop 15 kernel-source Not affected
SUSE Linux Enterprise Desktop 15 SP1 kernel-source Not affected
SUSE Linux Enterprise Desktop 15 SP2 kernel-source Already fixed
SUSE Linux Enterprise Desktop 15 SP3 kernel-source Already fixed
SUSE Linux Enterprise High Performance Computing 15 kernel-source Not affected
SUSE Linux Enterprise High Performance Computing 15 SP1 kernel-source Not affected
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS kernel-source Not affected
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS kernel-source Not affected
SUSE Linux Enterprise High Performance Computing 15-ESPOS kernel-source Not affected
SUSE Linux Enterprise High Performance Computing 15-LTSS kernel-source Not affected
SUSE Linux Enterprise Micro 5.0 kernel-default Not affected
SUSE Linux Enterprise Module for Basesystem 15 kernel-source Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP1 kernel-source Not affected
SUSE Linux Enterprise Module for Development Tools 15 kernel-source Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP1 kernel-source Not affected
SUSE Linux Enterprise Module for Public Cloud 15 SP2 kernel-source-azure Already fixed
SUSE Linux Enterprise Module for Public Cloud 15 SP3 kernel-source-azure Already fixed
SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT kernel-source Not affected
SUSE Linux Enterprise Real Time 15 SP2 kernel-source Already fixed
SUSE Linux Enterprise Real Time 15 SP3 kernel-source Already fixed
SUSE Linux Enterprise Real Time 15 SP3 kernel-source-rt Already fixed
SUSE Linux Enterprise Real Time 15 SP4 kernel-source Already fixed
SUSE Linux Enterprise Real Time 15 SP4 kernel-source-rt Already fixed
SUSE Linux Enterprise Server 11 SP4 kernel-source Not affected
SUSE Linux Enterprise Server 11 SP4 LTSS kernel-default Not affected
SUSE Linux Enterprise Server 11 SP4 LTSS kernel-source Not affected
SUSE Linux Enterprise Server 11 SP4-LTSS kernel-source Not affected
SUSE Linux Enterprise Server 12 SP2 kernel-source Not affected
SUSE Linux Enterprise Server 12 SP2-BCL kernel-source Not affected
SUSE Linux Enterprise Server 12 SP2-ESPOS kernel-source Not affected
SUSE Linux Enterprise Server 12 SP2-LTSS kernel-default Not affected
SUSE Linux Enterprise Server 12 SP2-LTSS kernel-source Not affected
SUSE Linux Enterprise Server 12 SP3 kernel-source Not affected
SUSE Linux Enterprise Server 12 SP3-BCL kernel-source Not affected
SUSE Linux Enterprise Server 12 SP3-ESPOS kernel-source Not affected
SUSE Linux Enterprise Server 12 SP3-LTSS kernel-source Not affected
SUSE Linux Enterprise Server 12 SP4 kernel-source Not affected
SUSE Linux Enterprise Server 12 SP4-ESPOS kernel-source Not affected
SUSE Linux Enterprise Server 12 SP4-LTSS kernel-default Not affected
SUSE Linux Enterprise Server 12 SP4-LTSS kernel-source Not affected
SUSE Linux Enterprise Server 15 kernel-source Not affected
SUSE Linux Enterprise Server 15 SP1 kernel-source Not affected
SUSE Linux Enterprise Server 15 SP1-BCL kernel-source Not affected
SUSE Linux Enterprise Server 15 SP1-LTSS kernel-default Not affected
SUSE Linux Enterprise Server 15 SP1-LTSS kernel-source Not affected
SUSE Linux Enterprise Server 15 SP2-BCL kernel-source Already fixed
SUSE Linux Enterprise Server 15 SP3-BCL kernel-source Already fixed
SUSE Linux Enterprise Server 15-LTSS kernel-default Not affected
SUSE Linux Enterprise Server 15-LTSS kernel-source Not affected
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 kernel-source Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-default Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-source Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP3 kernel-source Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP4 kernel-default Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP4 kernel-source Not affected
SUSE Linux Enterprise Server for SAP Applications 15 kernel-source Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP1 kernel-source Not affected
SUSE Manager Proxy 4.0 kernel-source Not affected
SUSE Manager Proxy 4.1 kernel-source Already fixed
SUSE Manager Proxy 4.1 kernel-source-azure Already fixed
SUSE Manager Proxy 4.2 kernel-source Already fixed
SUSE Manager Proxy 4.2 kernel-source-azure Already fixed
SUSE Manager Retail Branch Server 4.0 kernel-source Not affected
SUSE Manager Retail Branch Server 4.1 kernel-source Already fixed
SUSE Manager Retail Branch Server 4.1 kernel-source-azure Already fixed
SUSE Manager Retail Branch Server 4.2 kernel-source Already fixed
SUSE Manager Retail Branch Server 4.2 kernel-source-azure Already fixed
SUSE Manager Server 4.0 kernel-source Not affected
SUSE Manager Server 4.1 kernel-source Already fixed
SUSE Manager Server 4.1 kernel-source-azure Already fixed
SUSE Manager Server 4.2 kernel-source Already fixed
SUSE Manager Server 4.2 kernel-source-azure Already fixed
SUSE OpenStack Cloud 7 kernel-source Not affected
SUSE OpenStack Cloud 8 kernel-source Not affected
SUSE OpenStack Cloud 9 kernel-default Not affected
SUSE OpenStack Cloud 9 kernel-source Not affected
SUSE OpenStack Cloud Crowbar 8 kernel-source Not affected
SUSE OpenStack Cloud Crowbar 9 kernel-default Not affected
SUSE OpenStack Cloud Crowbar 9 kernel-source Not affected
SUSE Real Time Module 15 SP3 kernel-source-rt Already fixed
SUSE Real Time Module 15 SP4 kernel-source-rt Already fixed
openSUSE Leap 15.3 kernel-source Already fixed
openSUSE Leap 15.3 kernel-source-azure Already fixed
openSUSE Leap 15.3 kernel-source-rt Already fixed
openSUSE Leap 15.4 kernel-source Already fixed
openSUSE Leap 15.4 kernel-source-azure Already fixed
openSUSE Leap 15.4 kernel-source-rt Already fixed
Products at an unknown state of their lifecycle.
SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security kernel-source Not affected
SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security kernel-source-azure Not affected


SUSE Timeline for this CVE

CVE page created: Sat Mar 2 01:00:31 2024
CVE page last modified: Tue Oct 8 18:33:09 2024