Linux Kernel Netfs Component Asynchronous Direct I/O Vulnerability

Vulnerability

A vulnerability in the Linux kernel's netfs component has been addressed. The issue arose because netfs_extract_user_iter() could not properly handle kernel-initiated asynchronous direct I/O (DIO) when supplied with a bio_vec array. This limitation was triggered by a combination of the Common Internet File System (CIFS) and a loopback block device. The improper handling caused warnings and write operations to fail. The vulnerability has been resolved by modifying netfs_unbuffered_write_iter_locked() to correctly process asynchronous kernel DIO writes.

Impact

The vulnerability could lead to warnings being logged and write operations failing, disrupting intended data transfer processes.

Reproduction

The vulnerability could be reproduced by mounting a CIFS share, creating a file on the mounted share, and then setting up a loopback device with direct I/O enabled. Writing data to the loopback device would trigger the vulnerability, causing a warning to be logged and the write operation to fail.
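The configuration described above (a loopback device with direct I/O enabled whose backing file sits on a CIFS mount) can be checked for on a host. The following is an added example, not part of the original advisory or the kernel fix. It assumes the loop driver's sysfs attributes `backing_file` and `dio` under `/sys/block/loopN/loop/`, and the sample tree in `demo()` is constructed.

```python
import os, re, tempfile

def cifs_mountpoints(mounts_text):
    """Mount points of type cifs/smb3 from /proc/mounts-style text."""
    points = []
    for line in mounts_text.splitlines():
        f = line.split()
        if len(f) >= 3 and f[2] in ("cifs", "smb3"):
            # /proc/mounts writes spaces and similar characters as octal escapes (\040)
            points.append(re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), f[1]))
    return points

def is_under(path, mountpoint):
    mp = mountpoint.rstrip("/")
    return path == mp or path.startswith(mp + "/")

def read_attr(path):
    with open(path) as fh:
        return fh.read().strip()

def exposed_loop_devices(sys_block, mounts_text):
    """Loop devices with direct I/O on whose backing file is on a CIFS mount."""
    mps = cifs_mountpoints(mounts_text)
    hits = []
    for name in sorted(os.listdir(sys_block)):
        loop_dir = os.path.join(sys_block, name, "loop")
        try:
            backing = read_attr(os.path.join(loop_dir, "backing_file"))
            dio = read_attr(os.path.join(loop_dir, "dio"))
        except OSError:
            continue  # not a bound loop device
        if dio == "1" and any(is_under(backing, mp) for mp in mps):
            hits.append((name, backing))
    return hits

def demo():
    """Run the check on a constructed sysfs tree and mount table."""
    mounts = "//srv/share /mnt/share cifs rw 0 0\n/dev/sda1 / ext4 rw 0 0\n"
    devices = {"loop0": ("/mnt/share/disk.img", "1"),
               "loop1": ("/mnt/share/other.img", "0"),
               "loop2": ("/var/lib/local.img", "1")}
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "sda"))
        for name, (backing, dio) in devices.items():
            d = os.path.join(root, name, "loop")
            os.makedirs(d)
            for attr, val in (("backing_file", backing), ("dio", dio)):
                with open(os.path.join(d, attr), "w") as fh:
                    fh.write(val + "\n")
        return exposed_loop_devices(root, mounts)

if __name__ == "__main__":
    with open("/proc/mounts") as fh:
        for dev, backing in exposed_loop_devices("/sys/block", fh.read()):
            print(f"{dev}: direct I/O loop device backed by CIFS file {backing}")
```

Run directly, the script reads the live `/proc/mounts` and `/sys/block`; a hit means the host uses the configuration this advisory describes and should run a kernel that includes the fix.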

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.