{"id":"CVE-2024-26869","summary":"f2fs: fix to truncate meta inode pages forcely","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to truncate meta inode pages forcely\n\nBelow race case can cause data corruption:\n\nThread A\t\t\t\tGC thread\n\t\t\t\t\t- gc_data_segment\n\t\t\t\t\t - ra_data_block\n\t\t\t\t\t  - locked meta_inode page\n- f2fs_inplace_write_data\n - invalidate_mapping_pages\n : fail to invalidate meta_inode page\n   due to lock failure or dirty|writeback\n   status\n - f2fs_submit_page_bio\n : write last dirty data to old blkaddr\n\t\t\t\t\t - move_data_block\n\t\t\t\t\t  - load old data from meta_inode page\n\t\t\t\t\t  - f2fs_submit_page_write\n\t\t\t\t\t  : write old data to new blkaddr\n\nBecause invalidate_mapping_pages() will skip invalidating page which\nhas unclear status including locked, dirty, writeback and so on, so\nwe need to use truncate_inode_pages_range() instead of\ninvalidate_mapping_pages() to make sure meta_inode page will be dropped.","modified":"2026-05-07T04:17:24.891552Z","published":"2024-04-17T10:27:30.100Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26869.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/04226d8e3c4028dc451e9d8777356ec0f7919253"},{"type":"WEB","url":"https://git.kernel.org/stable/c/77bfdb89cc222fc7bfe198eda77bdc427d5ac189"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9f0c4a46be1fe9b97dbe66d49204c1371e3ece65"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c92f2927df860a60ba815d3ee610a944b92a8694"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26869.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26869"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6aa58d8ad20a3323f42274c25820a6f54192422d"},{"fixed":"c92f2927df860a60ba815d3ee610a944b92a8694"},{"fixed":"77bfdb89cc222fc7bfe198eda77bdc427d5ac189"},{"fixed":"04226d8e3c4028dc451e9d8777356ec0f7919253"},{"fixed":"9f0c4a46be1fe9b97dbe66d49204c1371e3ece65"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26869.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"4.19.0"},{"fixed":"6.6.23"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.7.11"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.8.0"},{"fixed":"6.8.2"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26869.json"}}],"schema_version":"1.7.5"}