PT-2024-11063 · Linux · Linux Kernel

Ye Bin · Published 2021-04-09 · Updated 2024-04-10 · CVE-2021-46945

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to the commit 014c9caa29d3

Description

The issue is related to the ext4 file system in the Linux kernel. Before commit 014c9caa29d3, a series of commands could trigger a panic. The commands include mounting a file system with the "errors=panic" option and then remounting it with the "abort" option. After the commit, remounting with the "abort" option no longer triggers a panic. However, this change also introduces a new behavior where a different series of commands will cause a panic, which previously did not. The commands that now cause a panic include mounting with "errors=panic" and then writing to a specific file system trigger. This change makes the ext4 behavior more consistent.

Recommendations

To resolve the issue, update the Linux kernel to a version that includes the commit 014c9caa29d3 or later. As a temporary workaround, consider avoiding the use of the "errors=panic" and "abort" mount options together until a patch is available. Restrict access to the file system trigger to minimize the risk of exploitation.
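
To apply the workaround, an administrator first needs to know which ext4 file systems are mounted with "errors=panic". The script below is an added example, not part of the original advisory or the kernel project; the function names and the sample mount table are constructed for illustration.

```shell
#!/bin/sh
# Added example: list ext4 mount points whose mount options include
# errors=panic. Input is a mount table in /proc/mounts format on stdin:
#   device mountpoint fstype options dump pass
# Only the options listed in the mount table are inspected.

ext4_panic_mounts() {
    awk '$3 == "ext4" {
        # Split the comma-separated option field and match the exact token,
        # so a substring inside another option does not count.
        n = split($4, opts, ",")
        for (i = 1; i <= n; i++)
            if (opts[i] == "errors=panic") { print $2; break }
    }'
}

# Constructed sample mount table (not taken from a real host).
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext4 rw,relatime,errors=remount-ro 0 0
/dev/loop0 /mnt/test ext4 rw,relatime,errors=panic 0 0
/dev/sdb1 /data xfs rw,relatime 0 0
/dev/sdc1 /srv ext4 rw,noatime 0 0
tmpfs /run tmpfs rw,nosuid,errors=panic 0 0
EOF
}

# Demo on the constructed table; prints the affected mount point.
sample_mounts | ext4_panic_mounts
```

On a live host, run `ext4_panic_mounts < /proc/mounts` and review each mount point it reports.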

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2025-02869
CVE-2021-46945

Affected Products

Linux Kernel