CVE-2023-54311

Summary

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix deadlock when converting an inline directory in nojournal mode

In no journal mode, ext4_finish_convert_inline_dir() can self-deadlock by calling ext4_handle_dirty_dirblock() when it already has taken the directory lock. There is a similar self-deadlock in ext4_incvert_inline_data_nolock() for data files which we'll fix at the same time.

A simple reproducer demonstrating the problem:

mke2fs -Fq -t ext2 -O inline_data -b 4k /dev/vdc 64
mount -t ext4 -o dirsync /dev/vdc /vdc
cd /vdc
mkdir file0
cd file0
touch file0
touch file1
attr -s BurnSpaceInEA -V abcde .
touch supercalifragilisticexpialidocious

Affected Software

VendorProductVersion RangeStatus
LinuxLinux3c47d54170b6a678875566b1b8d6dcf57904e49b < b4fa4768c9acff77245d672d855d2c88294850b1affected
LinuxLinux3c47d54170b6a678875566b1b8d6dcf57904e49b < 5f8b55136ad787aed2c184f7cb3e93772ae637a3affected
LinuxLinux3c47d54170b6a678875566b1b8d6dcf57904e49b < 640c8c365999c6f23447ac766437236ad88317c5affected
LinuxLinux3c47d54170b6a678875566b1b8d6dcf57904e49b < 665cc3ba50330049524c1d275bc840a8f28dde73affected
LinuxLinux3c47d54170b6a678875566b1b8d6dcf57904e49b < 0b1c4357bb21d9770451a1bdb8d419ea10bada88affected
LinuxLinux3c47d54170b6a678875566b1b8d6dcf57904e49b < 804de0c72cd473e186ca4e1f6287d45431b14e5aaffected
LinuxLinux3c47d54170b6a678875566b1b8d6dcf57904e49b < f4ce24f54d9cca4f09a395f3eecce20d6bec4663affected
LinuxLinux3.8affected
LinuxLinux0 < 3.8unaffected
LinuxLinux5.4.243 <= 5.4.*unaffected
LinuxLinux5.10.180 <= 5.10.*unaffected
LinuxLinux5.15.112 <= 5.15.*unaffected
LinuxLinux6.1.29 <= 6.1.*unaffected
LinuxLinux6.2.16 <= 6.2.*unaffected
LinuxLinux6.3.3 <= 6.3.*unaffected
LinuxLinux6.4 <= *unaffected

Weaknesses

References