CVE-2022-49364

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 26/02/2025
Last modified: 21/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to clear dirty inode in f2fs_evict_inode()

As Yanming reported in bugzilla:

https://bugzilla.kernel.org/show_bug.cgi?id=215904

The kernel message is shown below:

kernel BUG at fs/f2fs/inode.c:825!
Call Trace:
 evict+0x282/0x4e0
 __dentry_kill+0x2b2/0x4d0
 shrink_dentry_list+0x17c/0x4f0
 shrink_dcache_parent+0x143/0x1e0
 do_one_tree+0x9/0x30
 shrink_dcache_for_umount+0x51/0x120
 generic_shutdown_super+0x5c/0x3a0
 kill_block_super+0x90/0xd0
 kill_f2fs_super+0x225/0x310
 deactivate_locked_super+0x78/0xc0
 cleanup_mnt+0x2b7/0x480
 task_work_run+0xc8/0x150
 exit_to_user_mode_prepare+0x14a/0x150
 syscall_exit_to_user_mode+0x1d/0x40
 do_syscall_64+0x48/0x90

The root cause is: inode node and dnode node share the same nid,
so during f2fs_evict_inode(), dnode node truncation will invalidate
its NAT entry, so when truncating inode node, it fails due to
invalid NAT entry, result in inode is still marked as dirty, fix
this issue by clearing dirty for inode and setting SBI_NEED_FSCK
flag in filesystem.

output from dump.f2fs:
[print_node_info: 354] Node ID [0xf:15] is inode
i_nid[0] [0x f : 15]
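
A triage check for the condition the commit message describes, added here as an example and not taken from the advisory or the f2fs project: it scans dump.f2fs output for an inode whose i_nid[] slot points back at the inode's own node ID. The line formats are assumed from the two dump.f2fs lines quoted above; the function name and the first sample record are constructed.

```python
import re

# Formats assumed from the two dump.f2fs lines quoted in the advisory.
NODE_RE = re.compile(
    r"Node ID\s*\[\s*0x\s*([0-9a-fA-F]+)\s*:\s*(\d+)\s*\]\s*is\s+(\w+)")
NID_RE = re.compile(
    r"i_nid\[(\d+)\]\s*\[\s*0x\s*([0-9a-fA-F]+)\s*:\s*(\d+)\s*\]")

# Sample input: the first record is constructed (a healthy inode),
# the second is the record shown in the advisory.
SAMPLE = """\
[print_node_info: 354] Node ID [0x4:4] is inode
i_nid[0] [0x 0 : 0]
[print_node_info: 354] Node ID [0xf:15] is inode
i_nid[0] [0x f : 15]
"""


def find_self_referencing_inodes(dump_text):
    """Return (ino, slot) pairs where an inode's i_nid[slot] equals its own nid.

    This is the on-disk state the commit message names as the root cause:
    the inode node and one of its dnode nodes share the same nid.
    """
    findings = []
    current_ino = None
    for line in dump_text.splitlines():
        node = NODE_RE.search(line)
        if node:
            hex_id, dec_id, kind = int(node.group(1), 16), int(node.group(2)), node.group(3)
            # Track only inode records whose hex and decimal renderings agree;
            # anything else resets the context so later i_nid lines are ignored.
            current_ino = dec_id if kind == "inode" and hex_id == dec_id else None
            continue
        nid = NID_RE.search(line)
        if nid and current_ino is not None:
            slot, hex_id, dec_id = int(nid.group(1)), int(nid.group(2), 16), int(nid.group(3))
            if hex_id == dec_id and dec_id == current_ino:
                findings.append((current_ino, slot))
    return findings


if __name__ == "__main__":
    for ino, slot in find_self_referencing_inodes(SAMPLE):
        print(f"inode {ino}: i_nid[{slot}] points at the inode itself")
```
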

Vulnerable products and versions

CPE                                             From               Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    3.8 (including)    5.4.198 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    5.5 (including)    5.10.121 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    5.11 (including)   5.15.46 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    5.16 (including)   5.17.14 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    5.18 (including)   5.18.3 (excluding)