APPLIED: [SRU][N][PATCH 0/1] CVE-2024-49887
Mehmet Basaran
mehmet.basaran at canonical.com
Mon Jun 2 09:36:36 UTC 2025
Applied to noble:linux master-next branch. Thanks.
-------------- next part --------------
Massimiliano Pellizzer <massimiliano.pellizzer at canonical.com> writes:
> https://ubuntu.com/security/CVE-2024-49887
>
> [ Impact ]
>
> f2fs: fix to don't panic system for no free segment fault injection
>
> [ Fix ]
>
> Plucky: Not affected
> Oracular: Fixed via upstream stable updates (LP: #2089052)
> Noble: Cherry picked a dependency and backported the fix commit
> Jammy: Not affected
> Focal: Not affected
>
> [ Test Plan ]
>
> Compiled and boot tested.
> Tested simulating high write workload that could exhaust
> segment allocations using stress-ng:
> $ sudo mkfs.f2fs -f /dev/sdb
> ...
> Info: format successful
> $ sudo mkdir /mnt/test
> $ sudo mount -t f2fs /dev/sdb /mnt/test/
> $ cd /mnt/test/
> $ sudo stress-ng --hdd 4 --hdd-bytes 1G --fallocate 4 --timeout 10m --aggressive --metrics-brief
> ...
> stress-ng: info: [5945] successful run completed in 10 mins, 3.72 secs
>
> [ Where Problems Could Occur ]
>
> The fix affects the f2fs segment allocation logic.
> An issue with this fix may lead to incorrect handling of
> segment exhaustion scenarios, particularly during
> aggressive allocation requests.
> A user might experience problems such as allocation failures,
> or system hangs during high I/O workloads.
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 873 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20250602/4a679087/attachment.sig>
More information about the kernel-team
mailing list