CVE-2024-57924

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
19/01/2025
Last modified:
23/01/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

fs: relax assertions on failure to encode file handles

Encoding file handles is usually performed by a filesystem ->encode_fh() method that may fail for various reasons.

The legacy users of exportfs_encode_fh(), namely, nfsd and name_to_handle_at(2) syscall are ready to cope with the possibility of failure to encode a file handle.

There are a few other users of exportfs_encode_{fh,fid}() that currently have a WARN_ON() assertion when ->encode_fh() fails. Relax those assertions because they are wrong.

The second linked bug report states commit 16aac5ad1fa9 ("ovl: support encoding non-decodable file handles") in v6.6 as the regressing commit, but this is not accurate.

The aforementioned commit only increases the chances of the assertion and allows triggering the assertion with the reproducer using overlayfs, inotify and drop_caches.

Triggering this assertion was always possible with other filesystems and other reasons of ->encode_fh() failures and more particularly, it was also possible with the exact same reproducer using overlayfs that is mounted with options index=on,nfs_export=on also on kernels

Impact