CVE-2021-47460: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers in block_write_full_page()") uncovered a latent bug in ocfs2 conversion from inline inode format to a normal inode format. The code in ocfs2_convert_inline_data_to_extents() attempts to zero out the whole cluster allocated for file data by grabbing, zeroing, and dirtying all pages covering this cluster. However these pages are beyond i_size, thus writeback code generally ignores these dirty pages and no blocks were ever actually zeroed on the disk. This oversight was fixed by commit 693c241a5f6a ("ocfs2: No need to zero pages past i_size.") for standard ocfs2 write path, inline conversion path was apparently forgotten; the commit log also has a reasoning why the zeroing actually is not needed. After commit 6dbf7bb55598, things became worse as writeback code stopped invalidating buffers on pages beyond i_size and thus these pages end up with clean PageDirty bit but with buffers attached to these pages being still dirty. So when a file is converted from inline format, then writeback triggers, and then the file is grown so that these pages become valid, the invalid dirtiness state is preserved, mark_buffer_dirty() does nothing on these pages (buffers are already dirty) but page is never written back because it is clean. So data written to these pages is lost once pages are reclaimed. Simple reproducer for the problem is: xfs_io -f -c "pwrite 0 2000" -c "pwrite 2000 2000" -c "fsync" \ -c "pwrite 4000 2000" ocfs2_file After unmounting and mounting the fs again, you can observe that end of 'ocfs2_file' has lost its contents. Fix the problem by not doing the pointless zeroing during conversion from inline format similarly as in the standard write path. [akpm@linux-foundation.org: fix whitespace, per Joseph]
AI Analysis
Technical Summary
CVE-2021-47460 is a vulnerability identified in the Linux kernel's OCFS2 (Oracle Cluster File System version 2) implementation, specifically related to the handling of file data during conversion from inline inode format to a normal inode format. The vulnerability arises from a latent bug introduced after commit 6dbf7bb55598, which changed the behavior of page buffer invalidation in the block_write_full_page() function. The OCFS2 conversion function ocfs2_convert_inline_data_to_extents() attempts to zero out entire clusters allocated for file data by marking pages beyond the file's i_size as dirty and zeroing them. However, because these pages lie beyond the file size, the writeback code ignores these dirty pages, resulting in no actual zeroing on disk. This inconsistency was partially addressed in a later commit (693c241a5f6a) for the standard OCFS2 write path but was overlooked for the inline conversion path. The problem worsens after commit 6dbf7bb55598 because the writeback code stopped invalidating buffers on pages beyond i_size, causing pages to have a clean PageDirty bit while their buffers remain dirty. When a file is converted from inline format and writeback is triggered, followed by file growth that makes these pages valid, the dirty state is not properly preserved. Consequently, data written to these pages can be lost when pages are reclaimed, as the page is considered clean and is not written back to disk. This leads to silent data corruption. A simple reproduction involves using xfs_io to write data at various offsets and syncing, then unmounting and remounting the filesystem to observe data loss at the file's end. The fix involves eliminating unnecessary zeroing during inline format conversion, aligning it with the standard write path behavior. This vulnerability affects Linux kernel versions containing the specified commits and impacts systems using the OCFS2 filesystem. It does not require authentication or user interaction to trigger but requires file operations on OCFS2 volumes. No known exploits are reported in the wild as of the publication date.
Potential Impact
For European organizations, the impact of CVE-2021-47460 primarily concerns data integrity and availability on systems utilizing the OCFS2 filesystem. OCFS2 is commonly used in clustered environments and enterprise storage solutions, particularly in Oracle-related deployments and high-availability clusters. Data corruption resulting from this vulnerability can lead to loss of critical file contents silently, undermining trust in data storage and potentially causing operational disruptions. This is especially critical for sectors relying on clustered Linux storage for databases, financial records, or sensitive information, such as banking, healthcare, and government agencies. The silent nature of the corruption complicates detection and recovery, increasing the risk of prolonged data integrity issues. Although the vulnerability does not directly compromise confidentiality or allow remote code execution, the loss of data integrity and potential downtime can have significant business and regulatory consequences under European data protection laws.
Mitigation Recommendations
To mitigate CVE-2021-47460, European organizations should: 1. Apply the official Linux kernel patches that address this vulnerability as soon as they become available from trusted sources or Linux distribution vendors. Monitor kernel updates specifically for OCFS2 fixes. 2. Audit and identify all systems using the OCFS2 filesystem, particularly in clustered or high-availability environments, to prioritize patching efforts. 3. Implement rigorous backup and data integrity verification procedures for OCFS2 volumes to detect and recover from potential silent data corruption. 4. Where feasible, consider migrating critical data from OCFS2 to more widely used and actively maintained filesystems with robust integrity guarantees, such as ext4 or XFS, until patches are applied. 5. Monitor filesystem health and logs for unusual writeback or data loss symptoms, and conduct regular filesystem consistency checks. 6. Limit write operations and file conversions on OCFS2 volumes during the patching window to reduce exposure. These steps go beyond generic advice by focusing on filesystem-specific actions and operational controls tailored to OCFS2 environments.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden
CVE-2021-47460: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers in block_write_full_page()") uncovered a latent bug in ocfs2 conversion from inline inode format to a normal inode format. The code in ocfs2_convert_inline_data_to_extents() attempts to zero out the whole cluster allocated for file data by grabbing, zeroing, and dirtying all pages covering this cluster. However these pages are beyond i_size, thus writeback code generally ignores these dirty pages and no blocks were ever actually zeroed on the disk. This oversight was fixed by commit 693c241a5f6a ("ocfs2: No need to zero pages past i_size.") for standard ocfs2 write path, inline conversion path was apparently forgotten; the commit log also has a reasoning why the zeroing actually is not needed. After commit 6dbf7bb55598, things became worse as writeback code stopped invalidating buffers on pages beyond i_size and thus these pages end up with clean PageDirty bit but with buffers attached to these pages being still dirty. So when a file is converted from inline format, then writeback triggers, and then the file is grown so that these pages become valid, the invalid dirtiness state is preserved, mark_buffer_dirty() does nothing on these pages (buffers are already dirty) but page is never written back because it is clean. So data written to these pages is lost once pages are reclaimed. Simple reproducer for the problem is: xfs_io -f -c "pwrite 0 2000" -c "pwrite 2000 2000" -c "fsync" \ -c "pwrite 4000 2000" ocfs2_file After unmounting and mounting the fs again, you can observe that end of 'ocfs2_file' has lost its contents. Fix the problem by not doing the pointless zeroing during conversion from inline format similarly as in the standard write path. [akpm@linux-foundation.org: fix whitespace, per Joseph]
AI-Powered Analysis
Technical Analysis
CVE-2021-47460 is a vulnerability identified in the Linux kernel's OCFS2 (Oracle Cluster File System version 2) implementation, specifically related to the handling of file data during conversion from inline inode format to a normal inode format. The vulnerability arises from a latent bug introduced after commit 6dbf7bb55598, which changed the behavior of page buffer invalidation in the block_write_full_page() function. The OCFS2 conversion function ocfs2_convert_inline_data_to_extents() attempts to zero out entire clusters allocated for file data by marking pages beyond the file's i_size as dirty and zeroing them. However, because these pages lie beyond the file size, the writeback code ignores these dirty pages, resulting in no actual zeroing on disk. This inconsistency was partially addressed in a later commit (693c241a5f6a) for the standard OCFS2 write path but was overlooked for the inline conversion path. The problem worsens after commit 6dbf7bb55598 because the writeback code stopped invalidating buffers on pages beyond i_size, causing pages to have a clean PageDirty bit while their buffers remain dirty. When a file is converted from inline format and writeback is triggered, followed by file growth that makes these pages valid, the dirty state is not properly preserved. Consequently, data written to these pages can be lost when pages are reclaimed, as the page is considered clean and is not written back to disk. This leads to silent data corruption. A simple reproduction involves using xfs_io to write data at various offsets and syncing, then unmounting and remounting the filesystem to observe data loss at the file's end. The fix involves eliminating unnecessary zeroing during inline format conversion, aligning it with the standard write path behavior. This vulnerability affects Linux kernel versions containing the specified commits and impacts systems using the OCFS2 filesystem. It does not require authentication or user interaction to trigger but requires file operations on OCFS2 volumes. No known exploits are reported in the wild as of the publication date.
Potential Impact
For European organizations, the impact of CVE-2021-47460 primarily concerns data integrity and availability on systems utilizing the OCFS2 filesystem. OCFS2 is commonly used in clustered environments and enterprise storage solutions, particularly in Oracle-related deployments and high-availability clusters. Data corruption resulting from this vulnerability can lead to loss of critical file contents silently, undermining trust in data storage and potentially causing operational disruptions. This is especially critical for sectors relying on clustered Linux storage for databases, financial records, or sensitive information, such as banking, healthcare, and government agencies. The silent nature of the corruption complicates detection and recovery, increasing the risk of prolonged data integrity issues. Although the vulnerability does not directly compromise confidentiality or allow remote code execution, the loss of data integrity and potential downtime can have significant business and regulatory consequences under European data protection laws.
Mitigation Recommendations
To mitigate CVE-2021-47460, European organizations should: 1. Apply the official Linux kernel patches that address this vulnerability as soon as they become available from trusted sources or Linux distribution vendors. Monitor kernel updates specifically for OCFS2 fixes. 2. Audit and identify all systems using the OCFS2 filesystem, particularly in clustered or high-availability environments, to prioritize patching efforts. 3. Implement rigorous backup and data integrity verification procedures for OCFS2 volumes to detect and recover from potential silent data corruption. 4. Where feasible, consider migrating critical data from OCFS2 to more widely used and actively maintained filesystems with robust integrity guarantees, such as ext4 or XFS, until patches are applied. 5. Monitor filesystem health and logs for unusual writeback or data loss symptoms, and conduct regular filesystem consistency checks. 6. Limit write operations and file conversions on OCFS2 volumes during the patching window to reduce exposure. These steps go beyond generic advice by focusing on filesystem-specific actions and operational controls tailored to OCFS2 environments.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-05-22T06:20:56.197Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9822c4522896dcbde104
Added to database: 5/21/2025, 9:08:50 AM
Last enriched: 6/28/2025, 5:11:25 AM
Last updated: 8/14/2025, 4:07:11 PM
Views: 12
Related Threats
CVE-2025-6180: CWE-319 Cleartext Transmission of Sensitive Information in StrongDM sdm-cli
HighCVE-2025-50901: n/a
UnknownCVE-2025-8415: Authentication Bypass by Alternate Name in Red Hat Cryostat 4
MediumCVE-2025-8612: CWE-59: Improper Link Resolution Before File Access ('Link Following') in AOMEI Backupper Workstation
HighCVE-2025-8611: CWE-306: Missing Authentication for Critical Function in AOMEI Cyber Backup
CriticalActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.