Linux Kernel ext4 Inline Data Size Staleness Vulnerability Leading to Denial-of-Service

A vulnerability in the ext4 file system of the Linux kernel can cause a denial-of-service condition by crashing the system. This issue arises because the cached inline data size can become outdated due to concurrent operations, leading to a mismatch between the expected and actual data capacity. When the inline data size is incorrectly assumed to be larger than it is, a write operation can attempt to send more data than can be accommodated, triggering a kernel panic. The vulnerability affects the Linux kernel's stable releases.

Impact

Exploitation of this vulnerability causes a kernel panic, disrupting system operations and potentially leading to a crash.

Reproduction

The vulnerability can be reproduced by performing a write operation to a file with inline data while simultaneously modifying the file's extended attributes (xattrs) from another thread. This creates a race condition where the inline data size is read correctly but becomes stale before it is used, causing a mismatch that triggers the denial-of-service condition.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.