Linux Kernel FS-Cache Volume Collision Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the Linux kernel's FS-Cache component, specifically within the volume management functions. The issue arises from a mismatch in the wait-queue handling when relinquishing and freeing cached volumes. The function 'wake_up_bit()' is used to signal the completion of volume freeing, but this does not align with 'wait_var_event()' in 'fscache_wait_on_volume_collision()', leading to a situation where the waiter is never awakened. If the release of a volume is delayed for more than 20 seconds, the initial wait times out, and subsequent waits can hang indefinitely. This blockage can cause tasks to be stalled for over 120 seconds, creating a potential volume collision scenario.
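
A log check for the symptom described above, added here as an example and not part of the original advisory: it scans kernel log text for hung-task reports whose call trace contains 'fscache_wait_on_volume_collision()'. The sample log is constructed, and the helper name and the assumed trace layout (the kernel's usual hung-task report format) are assumptions of this example.

```python
import re

# Constructed kernel-log excerpt (not from a real system): one task hung in the
# FS-Cache collision wait, followed by one unrelated hung task.
SAMPLE_LOG = """\
[ 1450.101010] INFO: task mount.nfs:4242 blocked for more than 120 seconds.
[ 1450.101020]       Not tainted 0.0.0-example #1
[ 1450.101030] Call Trace:
[ 1450.101040]  __schedule+0x2e0/0x8a0
[ 1450.101050]  schedule+0x4e/0xb0
[ 1450.101060]  fscache_wait_on_volume_collision+0x7c/0x100 [fscache]
[ 1512.500000] INFO: task jbd2/sda1-8:311 blocked for more than 120 seconds.
[ 1512.500010] Call Trace:
[ 1512.500020]  __schedule+0x2e0/0x8a0
[ 1512.500030]  io_schedule+0x42/0x70
"""

TARGET = "fscache_wait_on_volume_collision"
TS = re.compile(r"^\[\s*\d+\.\d+\]\s?")  # dmesg timestamp prefix
HUNG = re.compile(
    r"INFO: task (?P<comm>.+):(?P<pid>\d+) blocked for more than (?P<secs>\d+) seconds"
)
# A stack frame looks like "symbol+0xoff/0xsize", optionally prefixed by "? ".
FRAME = re.compile(r"^\s*(?:\? )?(?P<sym>[A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")


def find_fscache_collision_hangs(log_text):
    """Return one dict per hung-task report whose call trace contains TARGET."""
    hits, current = [], None
    for raw in log_text.splitlines():
        line = TS.sub("", raw)
        hung = HUNG.search(line)
        if hung:
            # A new hung-task report starts; remember which task it describes.
            current = {"comm": hung["comm"], "pid": int(hung["pid"]),
                       "secs": int(hung["secs"])}
            continue
        frame = FRAME.match(line)
        # Compare the base symbol so compiler suffixes such as ".cold" still match.
        if current and frame and frame["sym"].split(".")[0] == TARGET:
            hits.append(current)
            current = None  # report each hung task only once
    return hits


if __name__ == "__main__":
    for hit in find_fscache_collision_hangs(SAMPLE_LOG):
        print(f"{hit['comm']} (pid {hit['pid']}) blocked > {hit['secs']}s in {TARGET}")
```
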

Impact

Exploitation of this vulnerability can lead to a denial-of-service condition, where processes are blocked for extended periods, causing system unresponsiveness or delays in handling tasks.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.0
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.