Linux Kernel Btrfs Inode List Leak Vulnerability During Backreference Resolution

A vulnerability in the Linux kernel's Btrfs file system has been addressed, which involved an inode list leak during backreference resolution. The issue arose because, during the backreference walking process, an error would trigger a jump to the 'out' label, where the 'parents' ulist was freed. However, this process did not free any inode lists attached to the ulist elements via the 'aux' field, leading to a leak of those lists. The vulnerability has been fixed by changing the cleanup process to call 'free_leaf_list()' instead of 'ulist_free()', ensuring that all attached inode lists are properly freed. The 'free_leaf_list()' function was also slightly simplified by removing unnecessary code.

Impact

The vulnerability could lead to a memory leak, where inode lists are not properly freed, potentially causing increased memory usage and degradation of system performance over time.