From: Greg Kroah-Hartman
To: linux-cve-announce@vger.kernel.org
Cc: Greg Kroah-Hartman
Subject: CVE-2021-47340: jfs: fix GPF in diFree
Date: Tue, 21 May 2024 16:36:14 +0200
Message-ID: <2024052137-CVE-2021-47340-059b@gregkh>

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

jfs: fix GPF in diFree

Avoid passing inode with
JFS_SBI(inode->i_sb)->ipimap == NULL to
diFree()[1]. GPF will appear:

	struct inode *ipimap = JFS_SBI(ip->i_sb)->ipimap;
	struct inomap *imap = JFS_IP(ipimap)->i_imap;

JFS_IP() will return invalid pointer when ipimap == NULL

Call Trace:
 diFree+0x13d/0x2dc0 fs/jfs/jfs_imap.c:853 [1]
 jfs_evict_inode+0x2c9/0x370 fs/jfs/inode.c:154
 evict+0x2ed/0x750 fs/inode.c:578
 iput_final fs/inode.c:1654 [inline]
 iput.part.0+0x3fe/0x820 fs/inode.c:1680
 iput+0x58/0x70 fs/inode.c:1670

The Linux kernel CVE team has assigned CVE-2021-47340 to this issue.

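
Added example (not part of the original advisory and not kernel code): a userspace C model of why JFS_IP() yields an invalid but non-NULL pointer when ipimap is NULL, so the NULL test has to be made on ipimap itself before the call. The struct layouts, the uintptr_t form of the container_of arithmetic, and the helpers late_check_catches_null() and imap_or_null() are simplified assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-ins for the kernel structures (assumption: only the
 * fields needed to show the pointer arithmetic are modelled). */
struct inode { unsigned long i_ino; };
struct inomap { int im_nbperiext; };
struct jfs_inode_info {
    struct inomap *i_imap;     /* field read through JFS_IP() in the advisory */
    char pad[64];              /* other per-inode state (constructed) */
    struct inode vfs_inode;    /* embedded VFS inode */
};
struct jfs_sb_info { struct inode *ipimap; };

/* Model of JFS_IP(): container_of-style subtraction, with no NULL check. */
static struct jfs_inode_info *JFS_IP(struct inode *inode)
{
    return (struct jfs_inode_info *)
        ((uintptr_t)inode - offsetof(struct jfs_inode_info, vfs_inode));
}

/* Unsafe shape: the only NULL test is on the JFS_IP() result. */
static int late_check_catches_null(const struct jfs_sb_info *sbi)
{
    struct jfs_inode_info *ji = JFS_IP(sbi->ipimap);
    return ji == NULL; /* 0 for ipimap == NULL: the pointer is bogus, not NULL */
}

/* Guarded shape (hypothetical helper): test ipimap before any JFS_IP() use. */
static struct inomap *imap_or_null(const struct jfs_sb_info *sbi)
{
    if (sbi->ipimap == NULL)
        return NULL;           /* caller must skip the diFree() path */
    return JFS_IP(sbi->ipimap)->i_imap;
}

int main(void)
{
    struct jfs_sb_info broken = { .ipimap = NULL };
    struct inomap map = { 4 };
    struct jfs_inode_info good_ji = { .i_imap = &map };
    struct jfs_sb_info good = { .ipimap = &good_ji.vfs_inode };
    printf("late check catches NULL ipimap: %d\n", late_check_catches_null(&broken));
    printf("guarded, NULL ipimap: %p\n", (void *)imap_or_null(&broken));
    printf("guarded, valid ipimap ok: %d\n", imap_or_null(&good) == &map);
    return 0;
}
```
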
Affected and fixed versions
===========================

	Fixed in 4.4.276 with commit 7bde24bde490
	Fixed in 4.9.276 with commit 745c9a59422c
	Fixed in 4.14.240 with commit 49def1b06448
	Fixed in 4.19.198 with commit aff8d95b6905
	Fixed in 5.4.133 with commit a21e5cb1a64c
	Fixed in 5.10.51 with commit 801893695036
	Fixed in 5.12.18 with commit 3bb27e272402
	Fixed in 5.13.3 with commit 42f102ea1943
	Fixed in 5.14 with commit 9d574f985fe3

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions.  The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2021-47340
will be updated if fixes are backported, please check that for the most
up to date information about this issue.

Affected files
==============

The file(s) affected by this issue are:
	fs/jfs/inode.c

Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes.  Individual
changes are never tested alone, but rather are part of a larger kernel
release.  Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all.
If however, updating to the latest release is impossible, the individual
changes to resolve this issue can be found at these commits:
	https://git.kernel.org/stable/c/7bde24bde490f3139eee147efc6d60d6040fe975
	https://git.kernel.org/stable/c/745c9a59422c63f661f4374ed5181740db4130a1
	https://git.kernel.org/stable/c/49def1b0644892e3b113673c13d650c3060b43bc
	https://git.kernel.org/stable/c/aff8d95b69051d0cf4acc3d91f22299fdbb9dfb3
	https://git.kernel.org/stable/c/a21e5cb1a64c904f1f0ef7b2d386fc7d2b1d2ce2
	https://git.kernel.org/stable/c/8018936950360f1c503bb385e158cfc5e4945d18
	https://git.kernel.org/stable/c/3bb27e27240289b47d3466f647a55c567adbdc3a
	https://git.kernel.org/stable/c/42f102ea1943ecb10a0756bf75424de5d1d5beed
	https://git.kernel.org/stable/c/9d574f985fe33efd6911f4d752de6f485a1ea732