{ "containers": { "cna": { "providerMetadata": { "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid online resizing failures due to oversized flex bg\n\nWhen we online resize an ext4 filesystem with a oversized flexbg_size,\n\n mkfs.ext4 -F -G 67108864 $dev -b 4096 100M\n mount $dev $dir\n resize2fs $dev 16G\n\nthe following WARN_ON is triggered:\n==================================================================\nWARNING: CPU: 0 PID: 427 at mm/page_alloc.c:4402 __alloc_pages+0x411/0x550\nModules linked in: sg(E)\nCPU: 0 PID: 427 Comm: resize2fs Tainted: G E 6.6.0-rc5+ #314\nRIP: 0010:__alloc_pages+0x411/0x550\nCall Trace:\n \n __kmalloc_large_node+0xa2/0x200\n __kmalloc+0x16e/0x290\n ext4_resize_fs+0x481/0xd80\n __ext4_ioctl+0x1616/0x1d90\n ext4_ioctl+0x12/0x20\n __x64_sys_ioctl+0xf0/0x150\n do_syscall_64+0x3b/0x90\n==================================================================\n\nThis is because flexbg_size is too large and the size of the new_group_data\narray to be allocated exceeds MAX_ORDER. Currently, the minimum value of\nMAX_ORDER is 8, the minimum value of PAGE_SIZE is 4096, the corresponding\nmaximum number of groups that can be allocated is:\n\n (PAGE_SIZE << MAX_ORDER) / sizeof(struct ext4_new_group_data) ≈ 21845\n\nAnd the value that is down-aligned to the power of 2 is 16384. Therefore,\nthis value is defined as MAX_RESIZE_BG, and the number of groups added\neach time does not exceed this value during resizing, and is added multiple\ntimes to complete the online resizing. The difference is that the metadata\nin a flex_bg may be more dispersed." } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "fs/ext4/resize.c" ], "versions": [ { "version": "1da177e4c3f4", "lessThan": "cd1f93ca97a9", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "b183fe8702e7", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "cfbbb3199e71", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "d76c8d7ffe16", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "6d2cbf517dca", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "8b1413dbfe49", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "dc3e0f55bec4", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "5d1935ac02ca", "status": "affected", "versionType": "git" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "fs/ext4/resize.c" ], "versions": [ { "version": "4.19.307", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.4.269", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.10.210", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.15.149", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.1.77", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.6.16", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.7.4", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/cd1f93ca97a9136989f3bd2bf90696732a2ed644" }, { "url": "https://git.kernel.org/stable/c/b183fe8702e78bba3dcef8e7193cab6898abee07" }, { "url": "https://git.kernel.org/stable/c/cfbbb3199e71b63fc26cee0ebff327c47128a1e8" }, { "url": "https://git.kernel.org/stable/c/d76c8d7ffe163c6bf2f1ef680b0539c2b3902b90" }, { "url": "https://git.kernel.org/stable/c/6d2cbf517dcabc093159cf138ad5712c9c7fa954" }, { "url": "https://git.kernel.org/stable/c/8b1413dbfe49646eda2c00c0f1144ee9d3368e0c" }, { "url": "https://git.kernel.org/stable/c/dc3e0f55bec4410f3d74352c4a7c79f518088ee2" }, { "url": "https://git.kernel.org/stable/c/5d1935ac02ca5aee364a449a35e2977ea84509b0" } ], "title": "ext4: avoid online resizing failures due to oversized flex bg", "x_generator": { "engine": "bippy-a5840b7849dd" } } }, "cveMetadata": { "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", "cveID": "CVE-2023-52622", "requesterUserId": "gregkh@kernel.org", "serial": "1", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.0" }