Linux Kernel Netfs Ceph Cache Copy Vulnerability

Vulnerability

A vulnerability in the Linux kernel's netfs component when handling Ceph filesystems has been addressed. The issue arose in the 'netfs_unlock_read_folio()' function, where folios are prepared for caching by marking them dirty or setting their private data. After unlocking, the folio_queue entry is cleared, creating a problem for 'netfs_pgpriv2_write_to_the_cache()', which relies on this queue to locate folios for caching. This flaw could lead to a system hang. The vulnerability could be reproduced by starting cachefiles, mounting a Ceph filesystem with the 'fsc' option, and writing to it.

Impact

Exploitation of this vulnerability could cause a system hang, disrupting normal operations.

Reproduction

To reproduce this vulnerability, start the cachefiles service, mount a Ceph filesystem with the 'fsc' option, and write to the mounted filesystem.
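The reproduction conditions above depend on a Ceph mount that uses the 'fsc' option. As an added example (not part of the original advisory or the kernel project), the following shell function lists such mounts from text in /proc/mounts format. The function names and the sample data are constructed for illustration, and it assumes the option appears in the mount options as 'fsc' or 'fsc=<id>'.

```shell
#!/bin/sh
# Added example: find Ceph mounts that use fscache (the 'fsc' mount option),
# i.e. the mounts that meet the reproduction conditions described above.
# Names here (ceph_fsc_mounts, sample_mounts) are hypothetical helpers.

# Reads /proc/mounts-format text on stdin; prints one mount point per line
# for every filesystem of type "ceph" whose options include fsc or fsc=<id>.
# Options are split on commas so that "nofsc" or a path named /fsc never match.
ceph_fsc_mounts() {
    awk '$3 == "ceph" {
        n = split($4, opt, ",")
        for (i = 1; i <= n; i++)
            if (opt[i] == "fsc" || opt[i] ~ /^fsc=/) { print $2; break }
    }'
}

# Constructed sample in /proc/mounts format (not taken from a real host).
sample_mounts() {
    cat <<'EOF'
192.0.2.10:6789:/ /mnt/cephfs ceph rw,relatime,name=admin,secret=<hidden>,fsc,acl 0 0
192.0.2.10:6789:/data /mnt/nocache ceph rw,relatime,name=admin,secret=<hidden>,nofsc,acl 0 0
192.0.2.11:6789:/ /srv/shared ceph rw,noatime,name=app,fsc=tenant1 0 0
/dev/sda1 /fsc ext4 rw,relatime 0 0
tmpfs /run tmpfs rw,nosuid,fsc 0 0
EOF
}

# Demonstration on the constructed sample.
# On a live host, run instead: ceph_fsc_mounts < /proc/mounts
sample_mounts | ceph_fsc_mounts
```

Hosts that report one or more mount points here and also run cachefiles are the ones to prioritize for the kernel update.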

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been fixed.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 3.9
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.