Linux Kernel Ext4 Deadlock Avoidance Vulnerability

Vulnerability

A vulnerability in the Linux kernel's ext4 file system has been addressed by changing the memory allocation flag in ext4_xattr_inode_cache_find from GFP_KERNEL to GFP_NOFS. This modification prevents potential deadlocks and matches the parent function, ext4_xattr_inode_lookup_create, which already uses GFP_NOFS. The vulnerability existed because ext4_xattr_inode_cache_find did not follow the same memory allocation practice as its caller, creating a risk of deadlock under certain conditions.

Impact

The vulnerability could lead to a deadlock situation, where processes are stuck waiting for each other to release resources, potentially causing system hangs or unresponsiveness.

Reproduction

The vulnerable state can be simulated in a development environment by modifying the ext4 file system code so that ext4_xattr_inode_cache_find allocates with GFP_KERNEL instead of GFP_NOFS. The function is then susceptible to deadlock, because memory reclaim triggered by a GFP_KERNEL allocation may call back into the file system while the calling path is in the middle of a file system operation. GFP_NOFS tells the allocator not to do so.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability. Instructions for downloading the patched version can be found in the Linux kernel Git repository.
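
To confirm that a source tree carries the fix, the body of ext4_xattr_inode_cache_find can be checked for the allocation flag it uses. The following is an added example, not code from this page or from the kernel project; the two sample sources are constructed and simplified, and the brace matching is a heuristic that assumes no braces inside strings or comments.

```python
import re

# Constructed sample sources (not the real ext4 code): only the
# function name and the two GFP flags come from the advisory.
UNPATCHED = """
static struct inode *
ext4_xattr_inode_cache_find(struct inode *inode, const void *value,
                            size_t value_len, u32 hash)
{
    void *ea_data = kvmalloc(value_len, GFP_KERNEL);

    if (!ea_data) {
        return NULL;
    }
    /* GFP_KERNEL in a comment must not count */
    return NULL;
}
"""
PATCHED = UNPATCHED.replace("(value_len, GFP_KERNEL)", "(value_len, GFP_NOFS)")

def function_body(source, name):
    """Return the brace-delimited body of the definition of `name`, or None."""
    for m in re.finditer(r"\b%s\s*\(" % re.escape(name), source):
        open_brace = source.find("{", m.end())
        semicolon = source.find(";", m.end())
        if open_brace == -1 or (semicolon != -1 and semicolon < open_brace):
            continue  # a call or prototype, not a definition
        depth = 0
        for i in range(open_brace, len(source)):
            depth += {"{": 1, "}": -1}.get(source[i], 0)
            if depth == 0:
                return source[open_brace:i + 1]
    return None

def gfp_flags_used(source, name):
    """Set of GFP_* tokens in the function's code, ignoring comments."""
    body = function_body(source, name)
    if body is None:
        raise LookupError("definition of %s not found" % name)
    body = re.sub(r"/\*.*?\*/|//[^\n]*", "", body, flags=re.S)
    return set(re.findall(r"\bGFP_[A-Z_]+\b", body))

def is_patched(source, name="ext4_xattr_inode_cache_find"):
    """True when the function allocates with GFP_NOFS and never GFP_KERNEL."""
    flags = gfp_flags_used(source, name)
    return "GFP_NOFS" in flags and "GFP_KERNEL" not in flags
```

Against a real tree, pass the contents of the ext4 xattr source file to is_patched(); a LookupError means the function is not defined in that file.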

Added: Dec 16, 2025, 5:19 PM
Updated: Dec 16, 2025, 5:19 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 1.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.