In the Linux kernel, the following vulnerability has been resolved:
btrfs: zoned: do not flag ZEROOUT on non-dirty extent buffer
Btrfs clears the content of an extent buffer marked as EXTENT_BUFFER_ZONED_ZEROOUT before the bio submission. This mechanism is introduced to prevent a write hole of an extent buffer, which is once allocated, marked dirty, but turns out unnecessary and cleaned up within one transaction operation.
Currently, btrfs_clear_buffer_dirty() marks the extent buffer as EXTENT_BUFFER_ZONED_ZEROOUT, and skips the entry function. If this call happens while the buffer is under IO (with the WRITEBACK flag set, without the DIRTY flag), we can add the ZEROOUT flag and clear the buffers content just before a bio submission. As a result:
it can lead to adding faulty delayed reference item which leads to a FS corrupted (EUCLEAN) error, and
it writes out cleared tree node on disk
The former issue is previously discussed in [1]. The corruption happens when it runs a delayed reference update. So, on-disk data is safe.
The latter one can reach on-disk data. But, as that node is already processed by btrfs_clear_buffer_dirty(), that will be invalidated in the next transaction commit anyway. So, the chance of hitting the corruption is relatively small.
Anyway, we should skip flagging ZEROOUT on a non-DIRTY extent buffer, to keep the content under IO intact.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux | Ubuntu | noble | * |
Linux-allwinner-5.19 | Ubuntu | jammy | * |
Linux-allwinner-5.19 | Ubuntu | upstream | * |
Linux-aws | Ubuntu | noble | * |
Linux-aws | Ubuntu | upstream | * |
Linux-aws-5.0 | Ubuntu | bionic | * |
Linux-aws-5.0 | Ubuntu | esm-infra/bionic | * |
Linux-aws-5.0 | Ubuntu | upstream | * |
Linux-aws-5.11 | Ubuntu | esm-infra/focal | * |
Linux-aws-5.11 | Ubuntu | focal | * |
Linux-aws-5.11 | Ubuntu | upstream | * |
Linux-aws-5.13 | Ubuntu | esm-infra/focal | * |
Linux-aws-5.13 | Ubuntu | focal | * |
Linux-aws-5.13 | Ubuntu | upstream | * |
Linux-aws-5.15 | Ubuntu | upstream | * |
Linux-aws-5.19 | Ubuntu | jammy | * |
Linux-aws-5.19 | Ubuntu | upstream | * |
Linux-aws-5.3 | Ubuntu | bionic | * |
Linux-aws-5.3 | Ubuntu | esm-infra/bionic | * |
Linux-aws-5.3 | Ubuntu | upstream | * |
Linux-aws-5.4 | Ubuntu | upstream | * |
Linux-aws-5.8 | Ubuntu | esm-infra/focal | * |
Linux-aws-5.8 | Ubuntu | focal | * |
Linux-aws-5.8 | Ubuntu | upstream | * |
Linux-aws-6.2 | Ubuntu | jammy | * |
Linux-aws-6.2 | Ubuntu | upstream | * |
Linux-aws-6.5 | Ubuntu | upstream | * |
Linux-aws-6.8 | Ubuntu | jammy | * |
Linux-aws-6.8 | Ubuntu | upstream | * |
Linux-aws-fips | Ubuntu | trusty | * |
Linux-aws-fips | Ubuntu | upstream | * |
Linux-aws-fips | Ubuntu | xenial | * |
Linux-aws-hwe | Ubuntu | upstream | * |
Linux-azure | Ubuntu | bionic | * |
Linux-azure | Ubuntu | esm-infra/bionic | * |
Linux-azure | Ubuntu | noble | * |
Linux-azure | Ubuntu | upstream | * |
Linux-azure-4.15 | Ubuntu | upstream | * |
Linux-azure-5.11 | Ubuntu | esm-infra/focal | * |
Linux-azure-5.11 | Ubuntu | focal | * |
Linux-azure-5.11 | Ubuntu | upstream | * |
Linux-azure-5.13 | Ubuntu | esm-infra/focal | * |
Linux-azure-5.13 | Ubuntu | focal | * |
Linux-azure-5.13 | Ubuntu | upstream | * |
Linux-azure-5.15 | Ubuntu | upstream | * |
Linux-azure-5.19 | Ubuntu | jammy | * |
Linux-azure-5.19 | Ubuntu | upstream | * |
Linux-azure-5.3 | Ubuntu | bionic | * |
Linux-azure-5.3 | Ubuntu | esm-infra/bionic | * |
Linux-azure-5.3 | Ubuntu | upstream | * |
Linux-azure-5.4 | Ubuntu | upstream | * |
Linux-azure-5.8 | Ubuntu | esm-infra/focal | * |
Linux-azure-5.8 | Ubuntu | focal | * |
Linux-azure-5.8 | Ubuntu | upstream | * |
Linux-azure-6.2 | Ubuntu | jammy | * |
Linux-azure-6.2 | Ubuntu | upstream | * |
Linux-azure-6.5 | Ubuntu | upstream | * |
Linux-azure-6.8 | Ubuntu | jammy | * |
Linux-azure-6.8 | Ubuntu | upstream | * |
Linux-azure-edge | Ubuntu | bionic | * |
Linux-azure-edge | Ubuntu | esm-infra/bionic | * |
Linux-azure-edge | Ubuntu | upstream | * |
Linux-azure-fde | Ubuntu | esm-infra/focal | * |
Linux-azure-fde | Ubuntu | focal | * |
Linux-azure-fde | Ubuntu | upstream | * |
Linux-azure-fde-5.15 | Ubuntu | upstream | * |
Linux-azure-fde-5.19 | Ubuntu | jammy | * |
Linux-azure-fde-5.19 | Ubuntu | upstream | * |
Linux-azure-fde-6.2 | Ubuntu | jammy | * |
Linux-azure-fde-6.2 | Ubuntu | upstream | * |
Linux-azure-fips | Ubuntu | trusty | * |
Linux-azure-fips | Ubuntu | upstream | * |
Linux-azure-fips | Ubuntu | xenial | * |
Linux-bluefield | Ubuntu | upstream | * |
Linux-fips | Ubuntu | upstream | * |
Linux-gcp | Ubuntu | bionic | * |
Linux-gcp | Ubuntu | esm-infra/bionic | * |
Linux-gcp | Ubuntu | noble | * |
Linux-gcp | Ubuntu | upstream | * |
Linux-gcp-4.15 | Ubuntu | upstream | * |
Linux-gcp-5.11 | Ubuntu | esm-infra/focal | * |
Linux-gcp-5.11 | Ubuntu | focal | * |
Linux-gcp-5.11 | Ubuntu | upstream | * |
Linux-gcp-5.13 | Ubuntu | esm-infra/focal | * |
Linux-gcp-5.13 | Ubuntu | focal | * |
Linux-gcp-5.13 | Ubuntu | upstream | * |
Linux-gcp-5.15 | Ubuntu | upstream | * |
Linux-gcp-5.19 | Ubuntu | jammy | * |
Linux-gcp-5.19 | Ubuntu | upstream | * |
Linux-gcp-5.3 | Ubuntu | bionic | * |
Linux-gcp-5.3 | Ubuntu | esm-infra/bionic | * |
Linux-gcp-5.3 | Ubuntu | upstream | * |
Linux-gcp-5.4 | Ubuntu | upstream | * |
Linux-gcp-5.8 | Ubuntu | esm-infra/focal | * |
Linux-gcp-5.8 | Ubuntu | focal | * |
Linux-gcp-5.8 | Ubuntu | upstream | * |
Linux-gcp-6.2 | Ubuntu | jammy | * |
Linux-gcp-6.2 | Ubuntu | upstream | * |
Linux-gcp-6.5 | Ubuntu | upstream | * |
Linux-gcp-6.8 | Ubuntu | upstream | * |
Linux-gcp-fips | Ubuntu | trusty | * |
Linux-gcp-fips | Ubuntu | upstream | * |
Linux-gcp-fips | Ubuntu | xenial | * |
Linux-gke | Ubuntu | esm-infra/focal | * |
Linux-gke | Ubuntu | focal | * |
Linux-gke | Ubuntu | noble | * |
Linux-gke | Ubuntu | upstream | * |
Linux-gke | Ubuntu | xenial | * |
Linux-gke-4.15 | Ubuntu | bionic | * |
Linux-gke-4.15 | Ubuntu | esm-infra/bionic | * |
Linux-gke-4.15 | Ubuntu | upstream | * |
Linux-gke-5.15 | Ubuntu | esm-infra/focal | * |
Linux-gke-5.15 | Ubuntu | focal | * |
Linux-gke-5.15 | Ubuntu | upstream | * |
Linux-gke-5.4 | Ubuntu | bionic | * |
Linux-gke-5.4 | Ubuntu | esm-infra/bionic | * |
Linux-gke-5.4 | Ubuntu | upstream | * |
Linux-gkeop | Ubuntu | upstream | * |
Linux-gkeop-5.15 | Ubuntu | upstream | * |
Linux-gkeop-5.4 | Ubuntu | bionic | * |
Linux-gkeop-5.4 | Ubuntu | esm-infra/bionic | * |
Linux-gkeop-5.4 | Ubuntu | upstream | * |
Linux-hwe | Ubuntu | bionic | * |
Linux-hwe | Ubuntu | esm-infra/bionic | * |
Linux-hwe | Ubuntu | upstream | * |
Linux-hwe-5.11 | Ubuntu | esm-infra/focal | * |
Linux-hwe-5.11 | Ubuntu | focal | * |
Linux-hwe-5.11 | Ubuntu | upstream | * |
Linux-hwe-5.13 | Ubuntu | esm-infra/focal | * |
Linux-hwe-5.13 | Ubuntu | focal | * |
Linux-hwe-5.13 | Ubuntu | upstream | * |
Linux-hwe-5.15 | Ubuntu | upstream | * |
Linux-hwe-5.19 | Ubuntu | jammy | * |
Linux-hwe-5.19 | Ubuntu | upstream | * |
Linux-hwe-5.4 | Ubuntu | upstream | * |
Linux-hwe-5.8 | Ubuntu | esm-infra/focal | * |
Linux-hwe-5.8 | Ubuntu | focal | * |
Linux-hwe-5.8 | Ubuntu | upstream | * |
Linux-hwe-6.2 | Ubuntu | jammy | * |
Linux-hwe-6.2 | Ubuntu | upstream | * |
Linux-hwe-6.5 | Ubuntu | upstream | * |
Linux-hwe-6.8 | Ubuntu | upstream | * |
Linux-hwe-edge | Ubuntu | esm-infra/bionic | * |
Linux-hwe-edge | Ubuntu | esm-infra/xenial | * |
Linux-hwe-edge | Ubuntu | upstream | * |
Linux-hwe-edge | Ubuntu | xenial | * |
Linux-ibm | Ubuntu | mantic | * |
Linux-ibm | Ubuntu | noble | * |
Linux-ibm | Ubuntu | upstream | * |
Linux-ibm-5.15 | Ubuntu | upstream | * |
Linux-ibm-5.4 | Ubuntu | upstream | * |
Linux-intel | Ubuntu | noble | * |
Linux-intel | Ubuntu | upstream | * |
Linux-intel-5.13 | Ubuntu | esm-infra/focal | * |
Linux-intel-5.13 | Ubuntu | focal | * |
Linux-intel-5.13 | Ubuntu | upstream | * |
Linux-intel-iot-realtime | Ubuntu | jammy | * |
Linux-intel-iot-realtime | Ubuntu | upstream | * |
Linux-intel-iotg | Ubuntu | upstream | * |
Linux-intel-iotg-5.15 | Ubuntu | upstream | * |
Linux-iot | Ubuntu | upstream | * |
Linux-kvm | Ubuntu | upstream | * |
Linux-laptop | Ubuntu | upstream | * |
Linux-lowlatency | Ubuntu | noble | * |
Linux-lowlatency | Ubuntu | upstream | * |
Linux-lowlatency-hwe-5.15 | Ubuntu | upstream | * |
Linux-lowlatency-hwe-5.19 | Ubuntu | jammy | * |
Linux-lowlatency-hwe-5.19 | Ubuntu | upstream | * |
Linux-lowlatency-hwe-6.2 | Ubuntu | jammy | * |
Linux-lowlatency-hwe-6.2 | Ubuntu | upstream | * |
Linux-lowlatency-hwe-6.5 | Ubuntu | upstream | * |
Linux-lowlatency-hwe-6.8 | Ubuntu | upstream | * |
Linux-lts-xenial | Ubuntu | upstream | * |
Linux-nvidia | Ubuntu | noble | * |
Linux-nvidia | Ubuntu | upstream | * |
Linux-nvidia-6.2 | Ubuntu | jammy | * |
Linux-nvidia-6.2 | Ubuntu | upstream | * |
Linux-nvidia-6.5 | Ubuntu | upstream | * |
Linux-nvidia-6.8 | Ubuntu | jammy | * |
Linux-nvidia-6.8 | Ubuntu | upstream | * |
Linux-nvidia-lowlatency | Ubuntu | upstream | * |
Linux-oem | Ubuntu | bionic | * |
Linux-oem | Ubuntu | esm-infra/bionic | * |
Linux-oem | Ubuntu | upstream | * |
Linux-oem | Ubuntu | xenial | * |
Linux-oem-5.10 | Ubuntu | esm-infra/focal | * |
Linux-oem-5.10 | Ubuntu | focal | * |
Linux-oem-5.10 | Ubuntu | upstream | * |
Linux-oem-5.13 | Ubuntu | esm-infra/focal | * |
Linux-oem-5.13 | Ubuntu | focal | * |
Linux-oem-5.13 | Ubuntu | upstream | * |
Linux-oem-5.14 | Ubuntu | esm-infra/focal | * |
Linux-oem-5.14 | Ubuntu | focal | * |
Linux-oem-5.14 | Ubuntu | upstream | * |
Linux-oem-5.17 | Ubuntu | jammy | * |
Linux-oem-5.17 | Ubuntu | upstream | * |
Linux-oem-5.6 | Ubuntu | esm-infra/focal | * |
Linux-oem-5.6 | Ubuntu | focal | * |
Linux-oem-5.6 | Ubuntu | upstream | * |
Linux-oem-6.0 | Ubuntu | jammy | * |
Linux-oem-6.0 | Ubuntu | upstream | * |
Linux-oem-6.1 | Ubuntu | jammy | * |
Linux-oem-6.1 | Ubuntu | upstream | * |
Linux-oem-6.11 | Ubuntu | upstream | * |
Linux-oem-6.5 | Ubuntu | upstream | * |
Linux-oem-6.8 | Ubuntu | noble | * |
Linux-oem-6.8 | Ubuntu | upstream | * |
Linux-oracle | Ubuntu | noble | * |
Linux-oracle | Ubuntu | upstream | * |
Linux-oracle-5.0 | Ubuntu | bionic | * |
Linux-oracle-5.0 | Ubuntu | esm-infra/bionic | * |
Linux-oracle-5.0 | Ubuntu | upstream | * |
Linux-oracle-5.11 | Ubuntu | esm-infra/focal | * |
Linux-oracle-5.11 | Ubuntu | focal | * |
Linux-oracle-5.11 | Ubuntu | upstream | * |
Linux-oracle-5.13 | Ubuntu | esm-infra/focal | * |
Linux-oracle-5.13 | Ubuntu | focal | * |
Linux-oracle-5.13 | Ubuntu | upstream | * |
Linux-oracle-5.15 | Ubuntu | upstream | * |
Linux-oracle-5.3 | Ubuntu | bionic | * |
Linux-oracle-5.3 | Ubuntu | esm-infra/bionic | * |
Linux-oracle-5.3 | Ubuntu | upstream | * |
Linux-oracle-5.4 | Ubuntu | upstream | * |
Linux-oracle-5.8 | Ubuntu | esm-infra/focal | * |
Linux-oracle-5.8 | Ubuntu | focal | * |
Linux-oracle-5.8 | Ubuntu | upstream | * |
Linux-oracle-6.5 | Ubuntu | upstream | * |
Linux-oracle-6.8 | Ubuntu | jammy | * |
Linux-oracle-6.8 | Ubuntu | upstream | * |
Linux-raspi | Ubuntu | noble | * |
Linux-raspi | Ubuntu | upstream | * |
Linux-raspi-5.4 | Ubuntu | upstream | * |
Linux-raspi-realtime | Ubuntu | noble | * |
Linux-raspi-realtime | Ubuntu | realtime/noble | * |
Linux-raspi-realtime | Ubuntu | upstream | * |
Linux-raspi2 | Ubuntu | bionic | * |
Linux-raspi2 | Ubuntu | esm-infra/focal | * |
Linux-raspi2 | Ubuntu | focal | * |
Linux-raspi2 | Ubuntu | upstream | * |
Linux-raspi2 | Ubuntu | xenial | * |
Linux-realtime | Ubuntu | jammy | * |
Linux-realtime | Ubuntu | realtime/noble | * |
Linux-realtime | Ubuntu | upstream | * |
Linux-riscv | Ubuntu | esm-infra/focal | * |
Linux-riscv | Ubuntu | focal | * |
Linux-riscv | Ubuntu | jammy | * |
Linux-riscv | Ubuntu | noble | * |
Linux-riscv | Ubuntu | upstream | * |
Linux-riscv-5.11 | Ubuntu | esm-infra/focal | * |
Linux-riscv-5.11 | Ubuntu | focal | * |
Linux-riscv-5.11 | Ubuntu | upstream | * |
Linux-riscv-5.15 | Ubuntu | upstream | * |
Linux-riscv-5.19 | Ubuntu | jammy | * |
Linux-riscv-5.19 | Ubuntu | upstream | * |
Linux-riscv-5.8 | Ubuntu | esm-infra/focal | * |
Linux-riscv-5.8 | Ubuntu | focal | * |
Linux-riscv-5.8 | Ubuntu | upstream | * |
Linux-riscv-6.5 | Ubuntu | upstream | * |
Linux-riscv-6.8 | Ubuntu | upstream | * |
Linux-starfive | Ubuntu | upstream | * |
Linux-starfive-5.19 | Ubuntu | jammy | * |
Linux-starfive-5.19 | Ubuntu | upstream | * |
Linux-starfive-6.2 | Ubuntu | jammy | * |
Linux-starfive-6.2 | Ubuntu | upstream | * |
Linux-starfive-6.5 | Ubuntu | upstream | * |
Linux-xilinx-zynqmp | Ubuntu | upstream | * |