Linux Kernel Btrfs RAID Stripe Tree Corruption Vulnerability

Vulnerability

A vulnerability in the Linux kernel's Btrfs file system has been addressed. The issue arose from using the function btrfs_set_item_key_safe() to modify keys in the RAID stripe-tree, which could corrupt the tree. The corruption was detected by Btrfs's internal checks and showed up as a kernel bug with invalid opcode errors. The vulnerability could lead to a critical failure in the file system's RAID management, potentially causing data loss or corruption.

Impact

Exploitation of this vulnerability could lead to a kernel panic, causing a critical system crash. Additionally, it could corrupt the Btrfs file system's RAID stripe management, potentially leading to data loss or further file system errors.

Reproduction

The vulnerability can be reproduced by using a Btrfs file system with RAID stripe allocation. The issue occurs when btrfs_set_item_key_safe() is used to modify RAID stripe keys, leading to tree corruption. This can be triggered during normal file system operations that involve RAID management.

Remediation

Users can avoid this vulnerability by not using RAID stripe allocation on Btrfs file systems. If the vulnerability has been encountered, it may be necessary to manually repair the file system using Btrfs's built-in recovery tools.
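
To act on the advice above, an administrator first needs to know which mounted file systems use the RAID stripe tree. The following shell functions are an added example, not code from the original page or from the Btrfs project. Assumptions: the kernel lists each mounted file system's enabled features as files under /sys/fs/btrfs/<fsid>/features/, and the function names rst_filesystems and rst_check are hypothetical.

```sh
#!/bin/sh
# Added example: find mounted Btrfs file systems with the RAID stripe tree enabled.
# Assumption (not from the page): per-filesystem features appear as files under
# /sys/fs/btrfs/<fsid>/features/.

# rst_filesystems [SYSFS_ROOT]
# Prints one line per affected file system: "<fsid> <label or ->".
rst_filesystems() {
    root="${1:-/sys/fs/btrfs}"
    [ -d "$root" ] || return 0          # Btrfs not loaded: nothing to report
    for dir in "$root"/*/; do
        [ -d "$dir" ] || continue       # glob did not match anything
        fsid=$(basename "$dir")
        # The top-level "features" directory describes what the kernel
        # supports, not what a particular file system has enabled.
        [ "$fsid" = "features" ] && continue
        [ -e "$dir/features/raid_stripe_tree" ] || continue
        label="-"
        if [ -r "$dir/label" ]; then
            read -r label < "$dir/label" || true
            [ -n "$label" ] || label="-"
        fi
        printf '%s %s\n' "$fsid" "$label"
    done
}

# rst_check [SYSFS_ROOT]
# Returns 1 (and lists the file systems on stderr) when any mounted
# file system has the feature enabled, 0 otherwise.
rst_check() {
    found=$(rst_filesystems "$1")
    if [ -n "$found" ]; then
        printf 'RAID stripe tree enabled on:\n%s\n' "$found" >&2
        return 1
    fi
    return 0
}
```

The non-zero return from rst_check makes it usable as a gate in a fleet audit or a pre-upgrade check; only mounted file systems are visible to it.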

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.