Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
- >= 6.1, < 6.1.0-rc1
A race condition vulnerability has been identified in the Btrfs file system component of the Linux kernel. This issue arises during the balance operation, where a pause or cancel request can interfere with the process, leading to a kernel panic. The vulnerability is present in the Linux kernel stable tree, specifically in versions 6.1 and later. The root cause lies in improper error handling when balancing operations are paused or canceled, which can disrupt the expected cleanup process. Exploitation of this vulnerability involves running a balance operation concurrently with a cancel or pause request, causing the system to assert an unexpected state.
The vulnerability can cause a kernel panic, disrupting system operations and potentially leading to a denial of service.
The vulnerability can be reproduced by initiating a balance operation in the Btrfs file system while simultaneously sending a cancel or pause request. This can be done using the Btrfs balance command along with the cancel or pause options, creating a conflict that the current error handling does not properly manage.
Users can apply the patch available in the Linux kernel stable repository to address this vulnerability.