Bug 1220504 (CVE-2021-46945)

Summary: VUL-0: CVE-2021-46945: kernel-source,kernel-source-azure,kernel-source-rt: ext4: inconsistent behavior when errors=panic is specified
Product: [Novell Products] SUSE Security Incidents Reporter: SMASH SMASH <smash_bz>
Component: IncidentsAssignee: Kernel Bugs <kernel-bugs>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: carlos.lopez, jack, mhocko
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/395352/
Whiteboard: CVSSv3.1:SUSE:CVE-2021-46945:4.4:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description SMASH SMASH 2024-02-28 07:47:57 UTC 
In the Linux kernel, the following vulnerability has been resolved:

ext4: always panic when errors=panic is specified

Before commit 014c9caa29d3 ("ext4: make ext4_abort() use
__ext4_error()"), the following series of commands would trigger a
panic:

1. mount /dev/sda -o ro,errors=panic test
2. mount /dev/sda -o remount,abort test

After commit 014c9caa29d3, remounting a file system using the test
mount option "abort" will no longer trigger a panic.  This commit will
restore the behaviour immediately before commit 014c9caa29d3.
(However, note that the Linux kernel's behavior has not been
consistent; some previous kernel versions, including 5.4 and 4.19
similarly did not panic after using the mount option "abort".)

This also makes a change to long-standing behaviour; namely, the
following series commands will now cause a panic, when previously it
did not:

1. mount /dev/sda -o ro,errors=panic test
2. echo test > /sys/fs/ext4/sda/trigger_fs_error

However, this makes ext4's behaviour much more consistent, so this is
a good thing.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-46945
https://www.cve.org/CVERecord?id=CVE-2021-46945
https://git.kernel.org/stable/c/1e9ea8f4637026b8e965128953f2da061ccae9c4
https://git.kernel.org/stable/c/64e1eebe2131183174f4fbb6b1491355f96c6cde
https://git.kernel.org/stable/c/ac2f7ca51b0929461ea49918f27c11b680f28995
Comment 1 Carlos López 2024-02-28 07:57:38 UTC 
We have 014c9caa29d3 ("ext4: make ext4_abort() use __ext4_error()") in cve/linux-5.14, SLE15-SP6, stable and master, all of which have the fix. Closing.