Linux Kernel ext4 Inline Data Handling Vulnerability

A vulnerability in the Linux kernel's ext4 file system has been identified, related to improper management of inline data. This issue arises when an ext4 file system is mounted without a journal, leading to a warning during the allocation of pages. The problem is linked to the handling of extended attributes, where the inline data offset and size are not correctly updated after certain operations. This can result in negative values being processed, triggering warnings when memory allocation functions are called.

Impact

The vulnerability can lead to kernel warnings and potential instability in the file system management.

Reproduction

The vulnerability can be reproduced by mounting an ext4 file system without a journal. Once the file system is mounted, the issue can be triggered by performing operations that involve inline data and extended attributes, such as adding entries or creating files, which will expose the incorrect handling of the inline data offset and size.

Remediation

Users should ensure that ext4 file systems are mounted with journaling enabled to prevent this vulnerability from being triggered.