Bug 1450261 (CVE-2017-7495) - CVE-2017-7495 kernel: ext4: power failure during write(2) causes on-disk information leak
Summary: CVE-2017-7495 kernel: ext4: power failure during write(2) causes on-disk info...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2017-7495
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=moderate,public=20170512,repor...
Depends On: 1454551 1454552 1454553 1461806 1461807
Blocks: 1325973
TreeView+ depends on / blocked
 
Reported: 2017-05-12 03:17 UTC by Wade Mealing
Modified: 2019-06-08 22:00 UTC (History)
23 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in the Linux kernel where filesystems mounted with data=ordered mode may allow an attacker to read stale data from recently allocated blocks in new files after a system 'reset' by abusing ext4 mechanics of delayed allocation.
Clone Of:
Environment:
Last Closed: 2018-03-23 15:12:46 UTC


Attachments (Terms of Use)

Description Wade Mealing 2017-05-12 03:17:41 UTC
A flaw was found in the kernels implementation of ext4 for filesystems mounted with data=ordered mode. Stale data from recently allocated blocks may appear in newly created blocks in files when a system is 'power reset'.  This may allow an attacker to gain information about file contents being written to disk when the system was being reset.  This issue only affects regular write()'s and not when an application is using direct IO.

In testing, the amount of stale-data leakage is at maximum the amount of outstanding delayed journal transactions to the underlying device since the last commit (defaulting to 5 seconds, but tunable/exasperated with commit=nrsec mount option).

Comment 2 Wade Mealing 2017-05-12 03:18:21 UTC
Mitigation:

Alternative filesystems may be used in place of ext4 in case of sensitive data leak. Alternatively, don't hard reset the system.

Comment 3 Wade Mealing 2017-05-23 03:28:27 UTC
Acknowledgments:

Name: Takeshi Nishimura (NEC)

Comment 5 Wade Mealing 2017-05-23 03:49:51 UTC
Statement:

This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6.

This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2.  Future Linux kernel updates for the respective releases may address this issue.
fs


Note You need to log in before you can comment on or make changes to this bug.