Linux Kernel ext4 Filesystem Use-After-Free Vulnerability in Orphan Cleanup Function

Vulnerability

A use-after-free vulnerability has been identified in the ext4 filesystem component of the Linux kernel. This issue arises in the 'ext4_orphan_cleanup' function, where improper management of inode references can lead to memory corruption. The vulnerability is triggered when the 'ext4_inode_attach_jinode' function fails, causing an inode to be freed while still being referenced, which can be exploited to manipulate memory.

Impact

Exploitation of this vulnerability can lead to memory corruption, which may be leveraged to execute arbitrary code or cause a denial-of-service condition by crashing the system.

Reproduction

The vulnerability can be reproduced by mounting an ext4 filesystem and triggering the orphan cleanup process. This can be done by performing operations that cause inodes to be orphaned, such as deleting files or directories. The 'ext4_orphan_cleanup' function is then called, and during that call the use-after-free can be exploited by manipulating the inode references.

Remediation

Users can upgrade to the patched version of the Linux kernel available in the Linux Kernel Archive.

Added: Dec 9, 2025, 4:55 PM
Updated: Dec 9, 2025, 4:55 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 1.4
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.