btrfs: fix match incorrectly in dev_args_match_device
3Vexday Risk Score
Sem sinal de exploração. Nenhum artefato público de exploração conhecido até agora.
ssvc Trackepss 0.2%
probabilidade de exploração
0.2%top 94% das CVEs
exploração observada
nãonenhuma fonte reporta
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix match incorrectly in dev_args_match_device
syzkaller found a failed assertion:
assertion failed: (args->devid != (u64)-1) || args->missing, in fs/btrfs/volumes.c:6921
This can be triggered when we set devid to (u64)-1 by ioctl. In this
case, the match of devid will be skipped and the match of device may
succeed incorrectly.
Patch 562d7b1512f7 introduced this function which is used to match device.
This function contains two matching scenarios, we can distinguish them by
checking the value of args->missing rather than check whether args->devid
and args->uuid is default value.
Produtos afetados
Linux · Linux