Bugzilla – Bug 1211742
VUL-0: CVE-2023-2898: kernel: A null-ptr-deref bug in f2fs_write_end_io in fs/f2fs/data.c
Last modified: 2023-05-29 07:57:25 UTC
There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.

Refer: https://lore.kernel.org/linux-f2fs-devel/20230522124203.3838360-1-chao@kernel.org/

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2898
https://bugzilla.redhat.com/show_bug.cgi?id=2210102

From the patch [0]:
> Fixes: b4b10061ef98 ("f2fs: refactor resize_fs to avoid meta updates in progress")

b4b10061ef98 is found in
- SLE15-SP4
- SLE15-SP5
- SLE15-SP5-GA
- stable

[0] https://lore.kernel.org/linux-f2fs-devel/20230522124203.3838360-1-chao@kernel.org/
We don't support f2fs, and do not even compile it at all for SLE (see bsc#1109665). We also blacklist it in git-fixes, so we don't receive/handle backports.
Thanks Anthony, I've updated our tracking. Closing this.
(In reply to Gabriele Sonnu from comment #3)
> Thanks Anthony, I've updated our tracking. Closing this.

Thank you Gabriele. Does this mean you specifically marked this particular CVE as invalid or in general blacklisted everything related to f2fs for the future?

If the latter, then this perhaps needs to be done on a per-branch basis (since maybe we still have older SLE releases where f2fs was still supported, or maybe on newer SLE releases the decision changes and we start supporting it).

For SLE15-SP4 (for example), you could perhaps consult the git-fixes blacklist [1].

[1] https://kerncvs.suse.de/gitweb/?p=kernel-source.git;a=blob;f=blacklist.conf;h=10d5cb4979d735807cc0a899d71f71b65a0717e2;hb=refs/heads/SLE15-SP4#l58
(In reply to Anthony Iliopoulos from comment #4)
> Does this mean you specifically marked this particular
> CVE as invalid or in general blacklisted everything related to f2fs for the
> future?

The former, we don't have a way to blacklist components in our tracking system.