Bug 2261976 (CVE-2021-33631)

Summary: CVE-2021-33631 kernel: ext4: kernel bug in ext4_write_inline_data_end()
Product: [Other] Security Response Reporter: Mauro Matteo Cascella <mcascell>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: acaringi, ajmitchell, allarkin, anprice, aquini, bhu, chwhite, cye, cyin, dbohanno, debarbos, dfreiber, drow, dvlasenk, esandeen, ezulian, hkrzesin, ikent, jarod, jburrell, jdenham, jfaracco, jforbes, jlelli, joe.lawrence, jshortt, jstancek, jwyatt, kcarcia, kgrant, ldoskova, lgoncalv, lzampier, mleitner, mmilgram, mstowell, nmurray, ptalbert, rparrazo, rrobaina, rvrbovsk, rysulliv, scweaver, sukulkar, tglozar, tyberry, vkumar, wcosta, williams, wmealing, ycote, ykopkova, zhijwang
Target Milestone: ---Keywords: Security
Target Release: ---Flags: vinair: needinfo? (kgrant)
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: kernel 6.2-rc1 Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the openEuler kernel in Linux filesystem modules that allows an integer overflow via mounting a corrupted filesystem. This issue affects the openEuler kernel in versions from 4.19.90 through 4.19.90-2401.3 and 5.10.0-60.18.0 through 5.10.0-183.0.0.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2261978    

Description Mauro Matteo Cascella 2024-01-30 17:22:31 UTC 
NVD description:
Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow. This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.

Upstream commit:
https://github.com/torvalds/linux/commit/5c099c4fdc438014d5893629e70a8ba934433ee8

References:
https://www.openwall.com/lists/oss-security/2024/01/30/3
https://nvd.nist.gov/vuln/detail/CVE-2021-33631
Comment 3 Mauro Matteo Cascella 2024-01-31 10:16:00 UTC 
This CVE was fixed upstream in kernel version 6.2. The kernel packages as shipped in Red Hat Enterprise Linux 9 were previously updated to a version that contains the fix via the following errata:

kernel in Red Hat Enterprise Linux 9
https://access.redhat.com/errata/RHSA-2023:2458

kernel-rt in Red Hat Enterprise Linux 9
https://access.redhat.com/errata/RHSA-2023:2148
Comment 7 errata-xmlrpc 2024-04-02 15:55:46 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:1607 https://access.redhat.com/errata/RHSA-2024:1607
Comment 8 errata-xmlrpc 2024-04-02 17:21:52 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:1614 https://access.redhat.com/errata/RHSA-2024:1614
Comment 9 errata-xmlrpc 2024-04-03 00:30:56 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2024:1653 https://access.redhat.com/errata/RHSA-2024:1653
Comment 11 errata-xmlrpc 2024-04-16 14:53:44 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2024:1840 https://access.redhat.com/errata/RHSA-2024:1840
Comment 12 errata-xmlrpc 2024-04-16 15:03:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2024:1836 https://access.redhat.com/errata/RHSA-2024:1836
Comment 15 errata-xmlrpc 2024-04-30 16:59:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2024:2621 https://access.redhat.com/errata/RHSA-2024:2621