CVE-2020-12655: 
Linux Kernel vulnerability analysis and mitigation

An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. The vulnerability (CVE-2020-12655) was discovered by Zheng Bin and reported in early 2020. The issue affects the XFS file system implementation where attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata (Ubuntu Security, NVD).

The vulnerability exists in the XFS file system's AGF (Allocation Group Free space) verification mechanism. The issue occurs when the filesystem encounters crafted metadata where agf_freeblks is set to 0 while the actual count is different (e.g., counted 3224 blocks), and agf_longest contains invalid values (e.g., 536874136). This mismatch between metadata values can cause the system to enter an endless loop during write operations (Kernel Commit). The vulnerability has a CVSS v3.1 base score of 5.5 (Medium) with attack vector being Local, attack complexity Low, and privileges required Low (Oracle VM Bulletin).

When exploited, this vulnerability can cause a denial of service condition through a system hang during sync operations. The issue specifically manifests when attempting to write to a filesystem with maliciously crafted metadata, causing excessive duration syncs that can effectively freeze the system (Ubuntu Security).

The issue was fixed in Linux kernel version 5.6.13 through a patch that adds additional validation checks in the xfs_agf_verify function. The fix includes verifying agf_freeblks against agf_longest and agf_length values to prevent the problematic condition (Kernel Commit). Various Linux distributions have backported this fix to their supported kernel versions, including Ubuntu 20.04 LTS (5.4.0-45.49), Ubuntu 18.04 LTS (4.15.0-115.116), and Ubuntu 16.04 LTS (4.4.0-222.255) (Ubuntu Security).