Bug 2320198 (CVE-2024-47725)
| Summary: | CVE-2024-47725 kernel: dm-verity: restart or panic on an I/O error | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | unspecified | CC: | dfreiber, drow, jburrell, vkumar |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | [REJECTED CVE] An issue has been identified in the Linux Kernel's dm-verity module, which ensures integrity verification for block devices. This issue arises because dm-verity does not crash when an I/O error occurs. In certain scenarios, an attacker could exploit this behavior by crafting sectors that trigger errors, such as through the Write Uncorrectable command. This could potentially subvert security mechanisms, as some programs may behave unpredictably or fail to handle the resulting I/O errors (EIO) correctly, leading to unintended system behavior. |
| Story Points: | --- |
| Bug Depends On: | 2320354 | ||
Description
OSIDB Bzimport
2024-10-21 13:01:34 UTC
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024102104-CVE-2024-47725-f698@gregkh/T

This CVE has been rejected upstream:
https://lore.kernel.org/lkml/2024102352-stable-eats-61b2@gregkh/T/
https://lore.kernel.org/linux-cve-announce/2024102340-REJECTED-8982@gregkh/T/