Ming Yan

**Name of the Vulnerable Software and Affected Versions** Linux kernel version 5.17 **Description** A bug in the F2FS file system has been identified, which can cause the kernel to panic when the `dec valid node count()` function is called. The issue occurs when the `.total valid block count` or `.total valid node count` values are fuzzed to zero. This bug can be reproduced by running specific commands and is evident in the kernel message. The root cause of the issue is related to the `f2fs bug on()` function in `dec valid node count()`. **Recommendations** For Linux kernel version 5.17, apply the patch that fixes the issue by printing warning information and setting `SBI NEED FSCK` into `CP` instead of panicking.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A bug in the Linux kernel has been reported, which can cause a kernel panic. The issue occurs when an inode has both inline data and encrypted flags, leading to conflicting flags during f2fs evict inode(). This conflict causes inline data conversion, polluting the page cache and triggering a panic in clear inode(). The bug can be reproduced and has been reported in Bugzilla kernel. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A bug in the Linux kernel has been identified, specifically in the f2fs file system. The issue arises from an inconsistency between `ckpt.valid block count` and the SIT table, leading to a panic during garbage collection when the LFS allocator fails to find a free segment. This inconsistency causes the filesystem to incorrectly indicate that it has free blocks, while the SIT table shows no free segments. The problem is triggered when the `do garbage collect` function is called, resulting in a kernel bug. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel version 5.17 **Description** A bug in the F2FS file system has been identified, which can cause a panic when updating the SIT table with an invalid block address. The issue occurs when the block mapping information in the inode becomes inconsistent with the SIT table after an image has been fuzzed. This inconsistency can lead to a crash in the `f2fs fallocate()` function. The estimated number of potentially affected devices is not provided. **Recommendations** For Linux kernel version 5.17, apply the fix by adding a sanity check on the block address in the `f2fs do zero range()` function to prevent the panic. As a temporary workaround, consider disabling the `f2fs fallocate()` function until a patch is available. Restrict access to the F2FS file system to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A vulnerability in the Linux kernel has been resolved, specifically in the f2fs file system. The issue occurs when the `f2fs evict inode()` function is called, causing a dirty inode to not be properly cleared. This happens because the inode node and dnode node share the same nid, leading to the invalidation of the NAT entry during dnode node truncation. As a result, when truncating the inode node, the process fails due to the invalid NAT entry, causing the inode to remain marked as dirty. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. **Recommendations** To resolve this issue, update the Linux kernel to a version that includes the fix for the `f2fs evict inode()` function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.