In the Linux kernel, the following vulnerability has been resolved:
nfs: pass explicit offset/count to trace events
nfsfoliolength is unsafe to use without having the folio locked and a check for a NULL ->f_mapping that protects against truncations and can lead to kernel crashes. E.g. when running xfstests generic/065 with all nfs trace points enabled.
Follow the model of the XFS trace points and pass in an explіcit offset and length. This has the additional benefit that these values can be more accurate as some of the users touch partial folio ranges.
{ "vanir_signatures": [ { "digest": { "line_hashes": [ "237864679136393855018839451150054056505", "229531034941636389296194656944509831327", "175506199000776511188714569438024576296", "126730247980282749539628613365832061821", "313500133152211065598696232589600689137", "37477295688055651293477459295714215757", "1470728372072910500556919066130993693", "226815260740492744025532969255343909872", "221645241851198084340187283636617356884", "314017886589487289149589983333411102678", "2773601638519804693531842521579250585", "35559390252662183692880757147074140853", "66267609903721050613161700150778211916", "299656981273958799294343772421730968818" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fada32ed6dbc748f447c8d050a961b75d946055a", "signature_type": "Line", "target": { "file": "fs/nfs/read.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-43826-1ae21048" }, { "digest": { "length": 293.0, "function_hash": "178735884351153826079651058872897321347" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fada32ed6dbc748f447c8d050a961b75d946055a", "signature_type": "Function", "target": { "function": "nfs_launder_folio", "file": "fs/nfs/file.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-43826-1dc566ff" }, { "digest": { "length": 345.0, "function_hash": "338111963274710320041622861256280856118" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fada32ed6dbc748f447c8d050a961b75d946055a", "signature_type": "Function", "target": { "function": "nfs_invalidate_folio", "file": "fs/nfs/file.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-43826-76fe5255" }, { "digest": { "line_hashes": [ "11177973060299049984848247584846974100", "185957699878677330406510046856909882537", "90345303004953490545627637818063909033", "113088427704922306525804257858836796931", "272193334885628137342379857929486008472", "200771592046018133623017382305035264530", "88774599411787600188215250444402602672", "135385104576267039145922643860160267916" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fada32ed6dbc748f447c8d050a961b75d946055a", "signature_type": "Line", "target": { "file": "fs/nfs/file.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-43826-b4644b0d" }, { "digest": { "length": 995.0, "function_hash": "215635862290041387473446062460774109169" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fada32ed6dbc748f447c8d050a961b75d946055a", "signature_type": "Function", "target": { "function": "nfs_read_folio", "file": "fs/nfs/read.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-43826-b7b51c79" }, { "digest": { "line_hashes": [ "93610250423261349951293580324067847478", "135013481296967361935348017260055050204", "114024530390906458182154518575467498610", "219536160441459006091089002636109390661", "205439458988079268114456330354432302090", "147959534698360582480835076797113888432", "131023793157872128272793605742282941379", "171960860375406072424963765235730008596", "155364452724657315893607538583026447719", "211545825880936802765917666040021176732", "241713174626825622240763281950945525719", "16743816586357900472367191817636392649", "58645151172457064521059911087927512020", "262109764017101958594017729759292335045", "134008859269284042744499300270606642246", "100737950112924179558583286752965862086", "205285062188785683657450229318780831519", "153641309966772744905842725082625511350", "159621312694100885645319899992416859973", "214645583344931032030634828693744375994", "135013481296967361935348017260055050204", "16635957023438752666043172956855417630", "708223420492238036515240981709763901", "243706644332267437261712216726461073023", "257507926723036567355595889453997121044", "154298722161113144152206438379725375792", "131915178976267011798033897006600649836", "158011075504060713994334630508810383208", "152722677973649296654142479411819679057", "148046411443885286922045059151341948901", "176685210118777980325829365681451163101", "264131234359177577449733591377959018315", "131023793157872128272793605742282941379", "171960860375406072424963765235730008596", "155364452724657315893607538583026447719", "211545825880936802765917666040021176732", "241713174626825622240763281950945525719", "16743816586357900472367191817636392649", "206397553158853653811670097352364073149", "44527590593702239040057908772266732384", "240353127485060421959312781856805110047", "20004945637618091985838478551041038369", "333644301215875255036066595167877264477", "281436751797326161771684394431738040338", "83130714498873681041613644942301615686", "159621312694100885645319899992416859973", "327059256353800446368376830375669392493", "131915178976267011798033897006600649836", "158011075504060713994334630508810383208", "21467274750304539370285485870016485623", "306425148627959541390093787320330924240", "298238228564571257598950569687970216482", "325871893160613386174267382958668747384" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fada32ed6dbc748f447c8d050a961b75d946055a", "signature_type": "Line", "target": { "file": "fs/nfs/nfstrace.h" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-43826-ea5bedfe" }, { "digest": { "line_hashes": [ "101775472077940965960862182708133089539", "145657232247894635544253443131840214897", "95669775154151533398932872161673623201", "85615194304554509655539317581307117483", "88104082205202509480171924093068405349", "50631104658276608531230258209198129776", "145832696414939122344251135234551012202", "105810415499376695663496204804137370400", "94380716235941841643539616309422799407", "36072303308735702188513309933639450235", "33133588478526443235670880916346549848", "128484567929567398960772538347705158136", "107651062879889225078840427918273898402", "17319488645712945799755243841595500814", "95889857716825133066543598266964128704", "148635382792198065314913228040205870189", "227866119536981474837060530821134084640" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fada32ed6dbc748f447c8d050a961b75d946055a", "signature_type": "Line", "target": { "file": "fs/nfs/write.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-43826-ed37feb1" }, { "digest": { "length": 596.0, "function_hash": "321925492160714661862780337706875026172" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fada32ed6dbc748f447c8d050a961b75d946055a", "signature_type": "Function", "target": { "function": "nfs_wb_folio", "file": "fs/nfs/write.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-43826-f7f97bbf" } ] }