Bugzilla – Bug 1220504
VUL-0: CVE-2021-46945: kernel-source,kernel-source-azure,kernel-source-rt: ext4: inconsistent behavior when errors=panic is specified
Last modified: 2024-03-08 22:59:59 UTC
In the Linux kernel, the following vulnerability has been resolved: ext4: always panic when errors=panic is specified Before commit 014c9caa29d3 ("ext4: make ext4_abort() use __ext4_error()"), the following series of commands would trigger a panic: 1. mount /dev/sda -o ro,errors=panic test 2. mount /dev/sda -o remount,abort test After commit 014c9caa29d3, remounting a file system using the test mount option "abort" will no longer trigger a panic. This commit will restore the behaviour immediately before commit 014c9caa29d3. (However, note that the Linux kernel's behavior has not been consistent; some previous kernel versions, including 5.4 and 4.19 similarly did not panic after using the mount option "abort".) This also makes a change to long-standing behaviour; namely, the following series commands will now cause a panic, when previously it did not: 1. mount /dev/sda -o ro,errors=panic test 2. echo test > /sys/fs/ext4/sda/trigger_fs_error However, this makes ext4's behaviour much more consistent, so this is a good thing. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-46945 https://www.cve.org/CVERecord?id=CVE-2021-46945 https://git.kernel.org/stable/c/1e9ea8f4637026b8e965128953f2da061ccae9c4 https://git.kernel.org/stable/c/64e1eebe2131183174f4fbb6b1491355f96c6cde https://git.kernel.org/stable/c/ac2f7ca51b0929461ea49918f27c11b680f28995
We have 014c9caa29d3 ("ext4: make ext4_abort() use __ext4_error()") in cve/linux-5.14, SLE15-SP6, stable and master, all of which have the fix. Closing.