CVE-2024-38636 Common Vulnerabilities and Exposures

Upstream information

CVE-2024-38636 at MITRE

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: multidev: fix to recognize valid zero block address As reported by Yi Zhang in mailing list [1], kernel warning was catched during zbd/010 test as below: ./check zbd/010 zbd/010 (test gap zone support with F2FS) [failed] runtime ... 3.752s something found in dmesg: [ 4378.146781] run blktests zbd/010 at 2024-02-18 11:31:13 [ 4378.192349] null_blk: module loaded [ 4378.209860] null_blk: disk nullb0 created [ 4378.413285] scsi_debug:sdebug_driver_probe: scsi_debug: trim poll_queues to 0. poll_q/nr_hw = (0/1) [ 4378.422334] scsi host15: scsi_debug: version 0191 [20210520] dev_size_mb=1024, opts=0x0, submit_queues=1, statistics=0 [ 4378.434922] scsi 15:0:0:0: Direct-Access-ZBC Linux scsi_debug 0191 PQ: 0 ANSI: 7 [ 4378.443343] scsi 15:0:0:0: Power-on or device reset occurred [ 4378.449371] sd 15:0:0:0: Attached scsi generic sg5 type 20 [ 4378.449418] sd 15:0:0:0: [sdf] Host-managed zoned block device ... (See '/mnt/tests/gitlab.com/api/v4/projects/19168116/repository/archive.zip/storage/blktests/blk/blktests/results/nodev/zbd/010.dmesg' WARNING: CPU: 22 PID: 44011 at fs/iomap/iter.c:51 CPU: 22 PID: 44011 Comm: fio Not tainted 6.8.0-rc3+ #1 RIP: 0010:iomap_iter+0x32b/0x350 Call Trace: <TASK> __iomap_dio_rw+0x1df/0x830 f2fs_file_read_iter+0x156/0x3d0 [f2fs] aio_read+0x138/0x210 io_submit_one+0x188/0x8c0 __x64_sys_io_submit+0x8c/0x1a0 do_syscall_64+0x86/0x170 entry_SYSCALL_64_after_hwframe+0x6e/0x76 Shinichiro Kawasaki helps to analyse this issue and proposes a potential fixing patch in [2]. Quoted from reply of Shinichiro Kawasaki: "I confirmed that the trigger commit is dbf8e63f48af as Yi reported. I took a look in the commit, but it looks fine to me. So I thought the cause is not in the commit diff. I found the WARN is printed when the f2fs is set up with multiple devices, and read requests are mapped to the very first block of the second device in the direct read path. In this case, f2fs_map_blocks() and f2fs_map_blocks_cached() modify map->m_pblk as the physical block address from each block device. It becomes zero when it is mapped to the first block of the device. However, f2fs_iomap_begin() assumes that map->m_pblk is the physical block address of the whole f2fs, across the all block devices. It compares map->m_pblk against NULL_ADDR == 0, then go into the unexpected branch and sets the invalid iomap->length. The WARN catches the invalid iomap->length. This WARN is printed even for non-zoned block devices, by following steps. - Create two (non-zoned) null_blk devices memory backed with 128MB size each: nullb0 and nullb1. # mkfs.f2fs /dev/nullb0 -c /dev/nullb1 # mount -t f2fs /dev/nullb0 "${mount_dir}" # dd if=/dev/zero of="${mount_dir}/test.dat" bs=1M count=192 # dd if="${mount_dir}/test.dat" of=/dev/null bs=1M count=192 iflag=direct ..." So, the root cause of this issue is: when multi-devices feature is on, f2fs_map_blocks() may return zero blkaddr in non-primary device, which is a verified valid block address, however, f2fs_iomap_begin() treats it as an invalid block address, and then it triggers the warning in iomap framework code. Finally, as discussed, we decide to use a more simple and direct way that checking (map.m_flags & F2FS_MAP_MAPPED) condition instead of (map.m_pblk != NULL_ADDR) to fix this issue. Thanks a lot for the effort of Yi Zhang and Shinichiro Kawasaki on this issue. [1] https://lore.kernel.org/linux-f2fs-devel/CAHj4cs-kfojYC9i0G73PRkYzcxCTex=-vugRFeP40g_URGvnfQ@mail.gmail.com/ [2] https://lore.kernel.org/linux-f2fs-devel/gngdj77k4picagsfdtiaa7gpgnup6fsgwzsltx6milmhegmjff@iax2n4wvrqye/

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having low severity.

CVSS v3 Scores
	SUSE
Base Score	3.3
Vector	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Attack Vector	Local
Attack Complexity	Low
Privileges Required	Low
User Interaction	None
Scope	Unchanged
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	Low
CVSSv3 Version	3.1

SUSE Bugzilla entry: 1226879 [RESOLVED / INVALID]

No SUSE Security Announcements cross referenced.

Status of this issue by product and package

Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification. The updates are grouped by state of their lifecycle. SUSE product lifecycles are documented on the lifecycle page.

Product(s)	Source package	State
Products under general support and receiving all security fixes.
SUSE Enterprise Storage 7.1	kernel-default	Not affected
SUSE Enterprise Storage 7.1	kernel-source	Not affected
SUSE Linux Enterprise Desktop 15 SP5	kernel-default	Not affected
SUSE Linux Enterprise Desktop 15 SP5	kernel-source	Not affected
SUSE Linux Enterprise Desktop 15 SP6	kernel-default	Not affected
SUSE Linux Enterprise Desktop 15 SP6	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 12 SP5	kernel-default	Not affected
SUSE Linux Enterprise High Performance Computing 12 SP5	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 12 SP5	kernel-source-azure	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP5	kernel-default	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP5	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP5	kernel-source-azure	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP6	kernel-default	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP6	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP6	kernel-source-azure	Not affected
SUSE Linux Enterprise Micro 5.1	kernel-default	Not affected
SUSE Linux Enterprise Micro 5.1	kernel-rt	Not affected
SUSE Linux Enterprise Micro 5.1	kernel-source-rt	Not affected
SUSE Linux Enterprise Micro 5.2	kernel-default	Not affected
SUSE Linux Enterprise Micro 5.2	kernel-rt	Not affected
SUSE Linux Enterprise Micro 5.2	kernel-source-rt	Not affected
SUSE Linux Enterprise Micro 5.3	kernel-default	Not affected
SUSE Linux Enterprise Micro 5.3	kernel-rt	Not affected
SUSE Linux Enterprise Micro 5.3	kernel-source-rt	Not affected
SUSE Linux Enterprise Micro 5.4	kernel-default	Not affected
SUSE Linux Enterprise Micro 5.4	kernel-rt	Not affected
SUSE Linux Enterprise Micro 5.4	kernel-source-rt	Not affected
SUSE Linux Enterprise Micro 5.5	kernel-source-rt	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP5	kernel-default	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP5	kernel-source	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP6	kernel-default	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP6	kernel-source	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP5	kernel-default	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP5	kernel-source	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP6	kernel-default	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP6	kernel-source	Not affected
SUSE Linux Enterprise Module for Public Cloud 15 SP5	kernel-source-azure	Not affected
SUSE Linux Enterprise Module for Public Cloud 15 SP6	kernel-source-azure	Not affected
SUSE Linux Enterprise Real Time 12 SP5	kernel-source-rt	Not affected
SUSE Linux Enterprise Real Time 15 SP5	kernel-source-rt	Not affected
SUSE Linux Enterprise Real Time 15 SP6	kernel-source-rt	Not affected
SUSE Linux Enterprise Server 12 SP5	kernel-default	Not affected
SUSE Linux Enterprise Server 12 SP5	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP5	kernel-source-azure	Not affected
SUSE Linux Enterprise Server 15 SP5	kernel-default	Not affected
SUSE Linux Enterprise Server 15 SP5	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP5	kernel-source-azure	Not affected
SUSE Linux Enterprise Server 15 SP6	kernel-default	Not affected
SUSE Linux Enterprise Server 15 SP6	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP6	kernel-source-azure	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP5	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP5	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP5	kernel-source-azure	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP5	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP5	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP5	kernel-source-azure	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP6	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP6	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP6	kernel-source-azure	Not affected
SUSE Manager Proxy 4.3	kernel-default	Not affected
SUSE Manager Proxy 4.3	kernel-source	Not affected
SUSE Manager Retail Branch Server 4.3	kernel-default	Not affected
SUSE Manager Retail Branch Server 4.3	kernel-source	Not affected
SUSE Manager Server 4.3	kernel-default	Not affected
SUSE Manager Server 4.3	kernel-source	Not affected
SUSE Real Time Module 15 SP5	kernel-source-rt	Not affected
SUSE Real Time Module 15 SP6	kernel-source-rt	Not affected
openSUSE Leap 15.5	kernel-default	Not affected
openSUSE Leap 15.5	kernel-source	Not affected
openSUSE Leap 15.5	kernel-source-azure	Not affected
openSUSE Leap 15.5	kernel-source-rt	Not affected
openSUSE Leap 15.6	kernel-default	Not affected
openSUSE Leap 15.6	kernel-source	Not affected
openSUSE Leap 15.6	kernel-source-azure	Not affected
openSUSE Leap 15.6	kernel-source-rt	Not affected
Products under Long Term Service Pack support and receiving important and critical security fixes.
SUSE Linux Enterprise Desktop 15 SP4	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP2	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS	kernel-default	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP3	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS	kernel-default	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP4	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS	kernel-default	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS	kernel-default	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP2	kernel-source	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP3	kernel-source	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP4	kernel-source	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP2	kernel-source	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP3	kernel-source	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP4	kernel-source	Not affected
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE	kernel-default	Not affected
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP2	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP2-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 15 SP2-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP3	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP3-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 15 SP3-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP4	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP4-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 15 SP4-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP2	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP2	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP3	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP3	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP4	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP4	kernel-source	Not affected
Products past their end of life and not receiving proactive updates anymore.
HPE Helion OpenStack 8	kernel-source	Not affected
SUSE CaaS Platform 4.0	kernel-source	Not affected
SUSE Enterprise Storage 6	kernel-source	Not affected
SUSE Enterprise Storage 7	kernel-source	Not affected
SUSE Linux Enterprise Desktop 12 SP3	kernel-source	Not affected
SUSE Linux Enterprise Desktop 12 SP4	kernel-source	Not affected
SUSE Linux Enterprise Desktop 15	kernel-source	Not affected
SUSE Linux Enterprise Desktop 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise Desktop 15 SP2	kernel-source	Not affected
SUSE Linux Enterprise Desktop 15 SP3	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Micro 5.0	kernel-default	Not affected
SUSE Linux Enterprise Module for Basesystem 15	kernel-source	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise Module for Development Tools 15	kernel-source	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise Real Time 15 SP2	kernel-source	Not affected
SUSE Linux Enterprise Real Time 15 SP3	kernel-source	Not affected
SUSE Linux Enterprise Real Time 15 SP3	kernel-source-rt	Not affected
SUSE Linux Enterprise Real Time 15 SP4	kernel-source	Not affected
SUSE Linux Enterprise Real Time 15 SP4	kernel-source-rt	Not affected
SUSE Linux Enterprise Server 11 SP4	kernel-source	Not affected
SUSE Linux Enterprise Server 11 SP4 LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 11 SP4 LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 11 SP4-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP3	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP3-BCL	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP3-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP3-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP4	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP4-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP4-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 12 SP4-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 15	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP1-BCL	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP1-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 15 SP1-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP2-BCL	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP3-BCL	kernel-source	Not affected
SUSE Linux Enterprise Server 15-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 15-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP3	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP4	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP4	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP1	kernel-source	Not affected
SUSE Manager Proxy 4.0	kernel-source	Not affected
SUSE Manager Proxy 4.1	kernel-source	Not affected
SUSE Manager Proxy 4.2	kernel-source	Not affected
SUSE Manager Retail Branch Server 4.0	kernel-source	Not affected
SUSE Manager Retail Branch Server 4.1	kernel-source	Not affected
SUSE Manager Retail Branch Server 4.2	kernel-source	Not affected
SUSE Manager Server 4.0	kernel-source	Not affected
SUSE Manager Server 4.1	kernel-source	Not affected
SUSE Manager Server 4.2	kernel-source	Not affected
SUSE OpenStack Cloud 8	kernel-source	Not affected
SUSE OpenStack Cloud 9	kernel-source	Not affected
SUSE OpenStack Cloud Crowbar 8	kernel-source	Not affected
SUSE OpenStack Cloud Crowbar 9	kernel-source	Not affected
SUSE Real Time Module 15 SP3	kernel-source-rt	Not affected
SUSE Real Time Module 15 SP4	kernel-source-rt	Not affected

SUSE Timeline for this CVE

CVE page created: Fri Jun 21 14:02:44 2024
CVE page last modified: Fri Jun 28 16:45:28 2024