CVE-2024-50014

一、漏洞信息
 漏洞编号：[CVE-2024-50014](https://nvd.nist.gov/vuln/detail/CVE-2024-50014)
 漏洞归属组件：[kernel](https://gitee.com/src-openeuler/kernel)
 漏洞归属的版本：4.19.140,4.19.194,4.19.90,5.10.0,6.1.19,6.4.0,6.6.0
 CVSS V3.0分值：
  BaseScore：5.5 Medium
  Vector：CVSS：3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
 漏洞简述：
  In the Linux kernel, the following vulnerability has been resolved:ext4: fix access to uninitialised lock in fc replay pathThe following kernel trace can be triggered with fstest generic/629 whenexecuted against a filesystem with fast-commit feature enabled:INFO: trying to register non-static key.The code is fine but needs lockdep annotation, or maybeyou didn t initialize this object before use?turning off the locking correctness validator.CPU: 0 PID: 866 Comm: mount Not tainted 6.10.0+ #11Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014Call Trace: <TASK> dump_stack_lvl+0x66/0x90 register_lock_class+0x759/0x7d0 __lock_acquire+0x85/0x2630 ? __find_get_block+0xb4/0x380 lock_acquire+0xd1/0x2d0 ? __ext4_journal_get_write_access+0xd5/0x160 _raw_spin_lock+0x33/0x40 ? __ext4_journal_get_write_access+0xd5/0x160 __ext4_journal_get_write_access+0xd5/0x160 ext4_reserve_inode_write+0x61/0xb0 __ext4_mark_inode_dirty+0x79/0x270 ? ext4_ext_replay_set_iblocks+0x2f8/0x450 ext4_ext_replay_set_iblocks+0x330/0x450 ext4_fc_replay+0x14c8/0x1540 ? jread+0x88/0x2e0 ? rcu_is_watching+0x11/0x40 do_one_pass+0x447/0xd00 jbd2_journal_recover+0x139/0x1b0 jbd2_journal_load+0x96/0x390 ext4_load_and_init_journal+0x253/0xd40 ext4_fill_super+0x2cc6/0x3180...In the replay path there s an attempt to lock sbi->s_bdev_wb_lock infunction ext4_check_bdev_write_error().  Unfortunately, at this point thisspinlock has not been initialized yet.  Moving it s initialization to anearlier point in __ext4_fill_super() fixes this splat.
 漏洞公开时间：2024-10-22 03:15:04
 漏洞创建时间：2024-10-22 03:30:31
 漏洞详情参考链接：
  https://nvd.nist.gov/vuln/detail/CVE-2024-50014
<details>
<summary>更多参考(点击展开)</summary>

| 参考来源 | 参考链接 | 来源链接 |
| ------- | -------- | -------- |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/13ea9547763a0488a90ff37cdf52ec85e36ea344 |  |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/23dfdb56581ad92a9967bcd720c8c23356af74c1 |  |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/6e35f560daebe40264c95e9a1ab03110d4997df6 |  |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/b002031d585a14eed511117dda8c6452a804d508 |  |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/d157fc20ca5239fd56965a5a8aa1a0e25919891a |  |
| suse_bugzilla | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-50014 | https://bugzilla.suse.com/show_bug.cgi?id=1232446 |
| suse_bugzilla | https://www.cve.org/CVERecord?id=CVE-2024-50014 | https://bugzilla.suse.com/show_bug.cgi?id=1232446 |
| suse_bugzilla | https://git.kernel.org/stable/c/23dfdb56581ad92a9967bcd720c8c23356af74c1 | https://bugzilla.suse.com/show_bug.cgi?id=1232446 |
| suse_bugzilla | https://git.kernel.org/stable/c/b002031d585a14eed511117dda8c6452a804d508 | https://bugzilla.suse.com/show_bug.cgi?id=1232446 |
| suse_bugzilla | https://git.kernel.org/stable/c/d157fc20ca5239fd56965a5a8aa1a0e25919891a | https://bugzilla.suse.com/show_bug.cgi?id=1232446 |
| suse_bugzilla | https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-50014.mbox | https://bugzilla.suse.com/show_bug.cgi?id=1232446 |
| suse_bugzilla | https://bugzilla.redhat.com/show_bug.cgi?id=2320481 | https://bugzilla.suse.com/show_bug.cgi?id=1232446 |
| debian |  | https://security-tracker.debian.org/tracker/CVE-2024-50014 |

</details>

漏洞分析指导链接：
  https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
 漏洞数据来源:
  openBrain开源漏洞感知系统
 漏洞补丁信息：
  <details>
<summary>详情(点击展开)</summary>

| 影响的包 | 修复版本 | 修复补丁 | 问题引入补丁 | 来源  |
| ------- | -------- | ------- | -------- | --------- |
|  |  | https://git.kernel.org/stable/c/23dfdb56581ad92a9967bcd720c8c23356af74c1 |  | nvd |
|  |  | https://git.kernel.org/stable/c/b002031d585a14eed511117dda8c6452a804d508 |  | nvd |
|  |  | https://git.kernel.org/stable/c/d157fc20ca5239fd56965a5a8aa1a0e25919891a |  | nvd |
| linux_kernel | 6.10.14 | https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=d157fc20ca52Fixed |  | linuxkernelcves |
| linux_kernel | 6.11.3 | https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=b002031d585aFixed |  | linuxkernelcves |
| linux_kernel | 6.12-rc1 | https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=23dfdb56581aPlease |  | linuxkernelcves |

</details>

二、漏洞分析结构反馈
 影响性分析说明：
  In the Linux kernel, the following vulnerability has been resolved:ext4: fix access to uninitialised lock in fc replay pathThe following kernel trace can be triggered with fstest generic/629 whenexecuted against a filesystem with fast-commit feature enabled:INFO: trying to register non-static key.The code is fine but needs lockdep annotation, or maybeyou didn t initialize this object before use?turning off the locking correctness validator.CPU: 0 PID: 866 Comm: mount Not tainted 6.10.0+ #11Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014Call Trace: <TASK> dump_stack_lvl+0x66/0x90 register_lock_class+0x759/0x7d0 __lock_acquire+0x85/0x2630 ? __find_get_block+0xb4/0x380 lock_acquire+0xd1/0x2d0 ? __ext4_journal_get_write_access+0xd5/0x160 _raw_spin_lock+0x33/0x40 ? __ext4_journal_get_write_access+0xd5/0x160 __ext4_journal_get_write_access+0xd5/0x160 ext4_reserve_inode_write+0x61/0xb0 __ext4_mark_inode_dirty+0x79/0x270 ? ext4_ext_replay_set_iblocks+0x2f8/0x450 ext4_ext_replay_set_iblocks+0x330/0x450 ext4_fc_replay+0x14c8/0x1540 ? jread+0x88/0x2e0 ? rcu_is_watching+0x11/0x40 do_one_pass+0x447/0xd00 jbd2_journal_recover+0x139/0x1b0 jbd2_journal_load+0x96/0x390 ext4_load_and_init_journal+0x253/0xd40 ext4_fill_super+0x2cc6/0x3180...In the replay path there s an attempt to lock sbi->s_bdev_wb_lock infunction ext4_check_bdev_write_error().  Unfortunately, at this point thisspinlock has not been initialized yet.  Moving it s initialization to anearlier point in __ext4_fill_super() fixes this splat.
 openEuler评分：
  5.5
 Vector：CVSS：3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
 受影响版本排查(受影响/不受影响)：
  1.openEuler-20.03-LTS-SP4:受影响
2.openEuler-22.03-LTS-SP1:受影响
3.openEuler-22.03-LTS-SP3:受影响
4.openEuler-22.03-LTS-SP4:受影响
5.openEuler-24.03-LTS:受影响
6.master:不受影响
7.openEuler-24.03-LTS-Next:不受影响

修复是否涉及abi变化(是/否)：
  1.openEuler-20.03-LTS-SP4:否
2.openEuler-22.03-LTS-SP1:否
3.openEuler-22.03-LTS-SP3:否
4.master:否
5.openEuler-24.03-LTS:否
6.openEuler-24.03-LTS-Next:否
7.openEuler-22.03-LTS-SP4:否

原因说明：
  1.master:
2.openEuler-20.03-LTS-SP4:
3.openEuler-22.03-LTS-SP3:
4.openEuler-22.03-LTS-SP4:
5.openEuler-24.03-LTS:
6.openEuler-24.03-LTS-Next:
7.openEuler-24.03-LTS-SP1:
8.openEuler-24.03-LTS-SP2:

三、漏洞修复
安全公告链接：https://www.openeuler.org/zh/security/safety-bulletin/detail/?id=openEuler-SA-2024-2367

src-openEuler/kernel
关闭

内容风险标识

评论 (7)

src-openEuler/kernel关闭 .gitee-modal { width: 500px !important; }

内容风险标识

CVE-2024-50014

评论 (7)

搜索帮助

src-openEuler/kernel
关闭