CVE-2021-4155: 
Linux Kernel vulnerability analysis and mitigation

CVE-2021-4155 is a data leak vulnerability discovered in the XFS filesystem's XFS_IOC_ALLOCSP IOCTL implementation. The flaw allowed for size increase of files with unaligned size, potentially exposing sensitive data. The vulnerability was discovered by Kirill Tkhai from the Virtuozzo Kernel team and was fixed in Linux Kernel 5.16 (Kernel Commit, OSS Security).

The vulnerability occurs when a file is truncated by an unaligned size and then the XFS_IOC_ALLOCSP IOCTL is used to increase the file size up to 4096 bytes. In this scenario, xfs_ioc_space()->xfs_vn_setattr_size() fails to zero the memory region between round_down(size, 4096) and size, leading to potential data leakage. The vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (NVD).

The vulnerability allows local attackers to access data on the XFS filesystem that would otherwise be inaccessible to them. This could lead to unauthorized disclosure of sensitive information stored in the filesystem (Red Hat CVE).

The vulnerability was fixed in Linux Kernel 5.16 by modifying the behavior of XFS_IOC_ALLOCSP IOCTL to properly handle unaligned file sizes. The fix makes the behavior consistent with other similar operations like fallocate and RESVSP. Various Linux distributions have backported the fix to their maintained kernel versions (Debian Security, Red Hat Errata).