ghsa-ghv4-3pw7-86rj
Vulnerability from github
Published
2024-05-21 15:31
Modified
2025-05-12 21:30
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details

In the Linux kernel, the following vulnerability has been resolved:

jfs: fix GPF in diFree

Avoid passing inode with JFS_SBI(inode->i_sb)->ipimap == NULL to diFree()[1]. GFP will appear:

struct inode *ipimap = JFS_SBI(ip->i_sb)->ipimap;
struct inomap *imap = JFS_IP(ipimap)->i_imap;

JFS_IP() will return invalid pointer when ipimap == NULL

Call Trace: diFree+0x13d/0x2dc0 fs/jfs/jfs_imap.c:853 [1] jfs_evict_inode+0x2c9/0x370 fs/jfs/inode.c:154 evict+0x2ed/0x750 fs/inode.c:578 iput_final fs/inode.c:1654 [inline] iput.part.0+0x3fe/0x820 fs/inode.c:1680 iput+0x58/0x70 fs/inode.c:1670

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2021-47340"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-21T15:15:20Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix GPF in diFree\n\nAvoid passing inode with\nJFS_SBI(inode-\u003ei_sb)-\u003eipimap == NULL to\ndiFree()[1]. GFP will appear:\n\n\tstruct inode *ipimap = JFS_SBI(ip-\u003ei_sb)-\u003eipimap;\n\tstruct inomap *imap = JFS_IP(ipimap)-\u003ei_imap;\n\nJFS_IP() will return invalid pointer when ipimap == NULL\n\nCall Trace:\n diFree+0x13d/0x2dc0 fs/jfs/jfs_imap.c:853 [1]\n jfs_evict_inode+0x2c9/0x370 fs/jfs/inode.c:154\n evict+0x2ed/0x750 fs/inode.c:578\n iput_final fs/inode.c:1654 [inline]\n iput.part.0+0x3fe/0x820 fs/inode.c:1680\n iput+0x58/0x70 fs/inode.c:1670",
  "id": "GHSA-ghv4-3pw7-86rj",
  "modified": "2025-05-12T21:30:55Z",
  "published": "2024-05-21T15:31:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47340"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3bb27e27240289b47d3466f647a55c567adbdc3a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/42f102ea1943ecb10a0756bf75424de5d1d5beed"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/49def1b0644892e3b113673c13d650c3060b43bc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/745c9a59422c63f661f4374ed5181740db4130a1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7bde24bde490f3139eee147efc6d60d6040fe975"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8018936950360f1c503bb385e158cfc5e4945d18"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9d574f985fe33efd6911f4d752de6f485a1ea732"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a21e5cb1a64c904f1f0ef7b2d386fc7d2b1d2ce2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/aff8d95b69051d0cf4acc3d91f22299fdbb9dfb3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.