中危 ext4:指定errors=panic 时始终出现panic (CVE-2021-46945)

CVE编号

CVE-2021-46945

利用情况

暂无

补丁情况

官方补丁

披露时间

2024-02-28
漏洞描述
In the Linux kernel, the following vulnerability has been resolved:

ext4: always panic when errors=panic is specified

Before commit 014c9caa29d3 ("ext4: make ext4_abort() use
__ext4_error()"), the following series of commands would trigger a
panic:

1. mount /dev/sda -o ro,errors=panic test
2. mount /dev/sda -o remount,abort test

After commit 014c9caa29d3, remounting a file system using the test
mount option "abort" will no longer trigger a panic. This commit will
restore the behaviour immediately before commit 014c9caa29d3.
(However, note that the Linux kernel's behavior has not been
consistent; some previous kernel versions, including 5.4 and 4.19
similarly did not panic after using the mount option "abort".)

This also makes a change to long-standing behaviour; namely, the
following series commands will now cause a panic, when previously it
did not:

1. mount /dev/sda -o ro,errors=panic test
2. echo test > /sys/fs/ext4/sda/trigger_fs_error

However, this makes ext4's behaviour much more consistent, so this is
a good thing.
解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接
https://git.kernel.org/stable/c/1e9ea8f4637026b8e965128953f2da061ccae9c4
https://git.kernel.org/stable/c/64e1eebe2131183174f4fbb6b1491355f96c6cde
https://git.kernel.org/stable/c/ac2f7ca51b0929461ea49918f27c11b680f28995
受影响软件情况
# 类型 厂商 产品 版本 影响面
1
运行在以下环境
系统 debian_10 linux * Up to
(excluding)
4.19.304-1
运行在以下环境
系统 debian_11 linux * Up to
(excluding)
5.10.209-2
运行在以下环境
系统 debian_12 linux * Up to
(excluding)
6.1.76-1
运行在以下环境
系统 linux linux_kernel * From
(including)
5.11.0 		Up to
(excluding)
5.11.20
运行在以下环境
系统 linux linux_kernel * From
(including)
5.12.0 		Up to
(excluding)
5.12.3
阿里云评分
5.0
  • 攻击路径
    本地
  • 攻击复杂度
    困难
  • 权限要求
    管控权限
  • 影响范围
    有限影响
  • EXP成熟度
    未验证
  • 补丁情况
    官方补丁
  • 数据保密性
    无影响
  • 数据完整性
    无影响
  • 服务器危害
    无影响
  • 全网数量
    N/A
CWE-ID 漏洞类型
NVD-CWE-noinfo
阿里云安全产品覆盖情况