CVE-2024-47680: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

f2fs: check discard support for conventional zones

As the helper function f2fs_bdev_support_discard() shows, f2fs checks if the target block devices support discard by calling bdev_max_discard_sectors() and bdev_is_zoned(). This check works well for most cases, but it does not work for conventional zones on zoned block devices. F2fs assumes that zoned block devices support discard, and calls __submit_discard_cmd(). When __submit_discard_cmd() is called for sequential write required zones, it works fine since __submit_discard_cmd() issues zone reset commands instead of discard commands. However, when __submit_discard_cmd() is called for conventional zones, __blkdev_issue_discard() is called even when the devices do not support discard.

The inappropriate __blkdev_issue_discard() call was not a problem before the commit 30f1e7241422 ("block: move discard checks into the ioctl handler") because __blkdev_issue_discard() checked if the target devices support discard or not. If not, it returned EOPNOTSUPP. After the commit, __blkdev_issue_discard() no longer checks it. It always returns zero and sets NULL to the given bio pointer. This NULL pointer triggers f2fs_bug_on() in __submit_discard_cmd().

The BUG is recreated with the commands below at the umount step, where /dev/nullb0 is a zoned null_blk with 5GB total size, 128MB zone size and 10 conventional zones.

    $ mkfs.f2fs -f -m /dev/nullb0
    $ mount /dev/nullb0 /mnt
    $ for ((i=0;i<5;i++)); do dd if=/dev/zero of=/mnt/test bs=65536 count=1600 conv=fsync; done
    $ umount /mnt

To fix the BUG, avoid the inappropriate __blkdev_issue_discard() call. When discard is requested for conventional zones, check if the device supports discard or not. If not, return EOPNOTSUPP.
AI Analysis
Technical Summary
CVE-2024-47680 is a vulnerability in the Linux kernel's F2FS (Flash-Friendly File System) implementation related to discard support handling on zoned block devices. Zoned block devices divide storage into zones that can be either sequential write required or conventional. F2FS uses the helper function f2fs_bdev_support_discard() to determine whether the underlying block device supports discard operations, which inform the device about unused blocks so it can optimize storage management. This function relies on bdev_max_discard_sectors() and bdev_is_zoned() to check discard support. However, it incorrectly assumes that all zones on zoned block devices support discard. While sequential write required zones handle discard commands as zone resets, conventional zones do not necessarily support discard.

After a kernel commit (30f1e7241422), the __blkdev_issue_discard() function stopped verifying discard support and always returns success with a NULL bio pointer if discard is unsupported. That NULL bio pointer then triggers f2fs_bug_on() in __submit_discard_cmd(), producing a kernel BUG during unmount operations on F2FS volumes on zoned block devices with conventional zones that do not support discard. The vulnerability can be reproduced by formatting a zoned null_blk device with F2FS, writing data, and unmounting, causing a kernel panic.

The fix adds a check so that, for conventional zones, discard is only issued if the device supports it; otherwise EOPNOTSUPP is returned. This vulnerability affects Linux kernel versions containing the specified commit and impacts systems using zoned block devices with F2FS. It can cause denial of service via kernel crash during unmount, potentially impacting system stability and availability.
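The control flow described above can be followed in a small userspace model. This is an added example, not code from the kernel or from the fix commit: every `model_` name and the `MODEL_BUG` sentinel are hypothetical stand-ins, and the logic assumes only what the description states (the helper treats any zoned device as discard-capable, and the block-layer call returns zero with a NULL bio when discard is unsupported).

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Userspace model only: model_* names are hypothetical, not kernel symbols. */
enum model_zone { MODEL_CONVENTIONAL, MODEL_SEQ_WRITE_REQUIRED };
struct model_bdev { bool zoned; unsigned int max_discard_sectors; };
struct model_bio { int unused; };

#define MODEL_BUG 1000 /* stands in for f2fs_bug_on() firing */

/* Helper check as described: a zoned device is assumed to support discard. */
static bool model_support_discard(const struct model_bdev *b)
{
    return b->max_discard_sectors || b->zoned;
}

/* Block-layer call after commit 30f1e7241422, as described: no capability
 * check, returns 0 and leaves *biop NULL when the device cannot discard. */
static int model_issue_discard(const struct model_bdev *b, struct model_bio **biop)
{
    static struct model_bio issued;
    *biop = b->max_discard_sectors ? &issued : NULL;
    return 0;
}

/* Submit path; `fixed` selects the behaviour with the added check. */
int model_submit_discard(const struct model_bdev *b, enum model_zone z, bool fixed)
{
    struct model_bio *bio = NULL;

    if (!model_support_discard(b))
        return -EOPNOTSUPP;
    if (b->zoned && z == MODEL_SEQ_WRITE_REQUIRED)
        return 0;               /* zone reset is issued instead of a discard */
    if (fixed && !b->max_discard_sectors)
        return -EOPNOTSUPP;     /* the fix: conventional zone, no discard support */
    if (model_issue_discard(b, &bio))
        return -EIO;
    return bio ? 0 : MODEL_BUG; /* unpatched path asserts on the NULL bio */
}

int main(void)
{
    /* Constructed device: zoned, no discard support (like the null_blk case). */
    struct model_bdev nullb = { .zoned = true, .max_discard_sectors = 0 };
    printf("unpatched: %d\n", model_submit_discard(&nullb, MODEL_CONVENTIONAL, false));
    printf("patched:   %d\n", model_submit_discard(&nullb, MODEL_CONVENTIONAL, true));
    return 0;
}
```

Only the combination of a zoned device, a conventional zone and no discard support reaches the assertion; sequential write required zones and discard-capable devices return 0 on both paths.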
Potential Impact
For European organizations, this vulnerability primarily poses a risk of denial of service (DoS) on Linux systems using F2FS on zoned block devices with conventional zones that do not support discard. Such systems could experience kernel panics and crashes during routine unmount operations, leading to service interruptions, potential data loss, and operational downtime. This is particularly relevant for organizations relying on Linux servers or embedded systems with zoned block devices, such as those using advanced storage technologies like SMR (Shingled Magnetic Recording) or zoned SSDs. Critical infrastructure, cloud service providers, and enterprises with high availability requirements could face increased risk if affected systems are deployed in production environments without the patch. The vulnerability does not appear to allow privilege escalation or remote code execution but can disrupt system availability, which may impact business continuity and compliance with European regulations on operational resilience. Given the growing adoption of zoned storage for cost and performance benefits, the impact could be significant in sectors like telecommunications, finance, and manufacturing where Linux is prevalent.
Mitigation Recommendations
European organizations should take the following specific mitigation steps:

1) Identify Linux systems using F2FS on zoned block devices, especially those with conventional zones that may not support discard.
2) Apply the official Linux kernel patches that fix CVE-2024-47680 as soon as they become available, or upgrade to a kernel version that includes the fix.
3) If immediate patching is not possible, avoid unmounting F2FS volumes on affected devices during critical operations or implement controlled shutdown procedures to minimize kernel panic risk.
4) Monitor system logs for kernel BUG messages related to discard operations on zoned devices to detect potential exploitation attempts or crashes.
5) Review storage device configurations and consider disabling discard operations on conventional zones if supported by the device and filesystem.
6) Engage with hardware vendors to confirm discard support status and firmware updates for zoned block devices.
7) Incorporate this vulnerability into vulnerability management and incident response plans to ensure rapid detection and remediation.

These targeted actions go beyond generic advice by focusing on the specific interaction between F2FS, zoned block devices, and discard support.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Norway, Denmark, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-09-30T16:00:12.940Z
- Cisa Enriched: true
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9825c4522896dcbe04c7
Added to database: 5/21/2025, 9:08:53 AM
Last enriched: 6/28/2025, 7:26:33 PM
Last updated: 8/15/2025, 1:54:44 AM