CVE-2024-42304

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ext4: make sure the first directory block is not a hole<br /> <br /> The syzbot constructs a directory that has no dirblock but is non-inline,<br /> i.e. the first directory block is a hole. And no errors are reported when<br /> creating files in this directory in the following flow.<br /> <br /> ext4_mknod<br /> ...<br /> ext4_add_entry<br /> // Read block 0<br /> ext4_read_dirblock(dir, block, DIRENT)<br /> bh = ext4_bread(NULL, inode, block, 0)<br /> if (!bh &amp;&amp; (type == INDEX || type == DIRENT_HTREE))<br /> // The first directory block is a hole<br /> // But type == DIRENT, so no error is reported.<br /> <br /> After that, we get a directory block without &amp;#39;.&amp;#39; and &amp;#39;..&amp;#39; but with a valid<br /> dentry. This may cause some code that relies on dot or dotdot (such as<br /> make_indexed_dir()) to crash.<br /> <br /> Therefore when ext4_read_dirblock() finds that the first directory block<br /> is a hole report that the filesystem is corrupted and return an error to<br /> avoid loading corrupted data from disk causing something bad.