Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's Ext4 file system has been addressed, specifically related to a reference count leak in the 'ext4_xattr_inode_update_ref' function. The issue arose because the error handling path of this function failed to properly release the buffer head reference, leading to a resource leak. This oversight was discovered during a code review. The vulnerability could potentially cause a reference count underflow, which may disrupt the integrity of the file system's attribute handling.
The vulnerability could lead to a reference count leak, causing a resource management issue that might be exploited to manipulate the file system's behavior or integrity.
The vulnerability can be reproduced by invoking the 'ext4_xattr_inode_update_ref' function in a scenario that triggers its error handling path. The 'iloc.bh' reference is then not released, creating a leak.
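The error-path pattern described above, as a user-space C model added here for illustration; it is not the kernel's code. All types and functions (`struct buf`, `reserve_write`, `update_ref_leaky`, `update_ref_fixed`, `leaked_after`) are hypothetical stand-ins, and the validation check used to reach the error path is an assumption.

```c
#include <stddef.h>

/* User-space stand-ins (hypothetical): a buffer with a reference count. */
struct buf  { int refs; };
struct iloc { struct buf *bh; };

/* Plays the role of the release call on a buffer reference. */
static void put_buf(struct buf *b) { if (b) b->refs--; }

/* Plays the role of reserving the inode for write: takes a reference. */
static int reserve_write(struct buf *b, struct iloc *il)
{
    b->refs++;
    il->bh = b;
    return 0;
}

/* Leaky shape: the failure branch returns while il.bh is still held. */
int update_ref_leaky(struct buf *b, long ref_count, int change)
{
    struct iloc il = { NULL };
    int ret = reserve_write(b, &il);
    if (ret)
        return ret;
    if (ref_count + change < 0)     /* assumed validation failure */
        return -1;                  /* il.bh is never released */
    put_buf(il.bh);
    return 0;
}

/* Fixed shape: every exit after acquisition passes one release point. */
int update_ref_fixed(struct buf *b, long ref_count, int change)
{
    struct iloc il = { NULL };
    int ret = reserve_write(b, &il);
    if (ret)
        return ret;
    if (ref_count + change < 0)
        ret = -1;                   /* fall through to the release below */
    put_buf(il.bh);
    return ret;
}

/* References still outstanding after one call (0 means balanced). */
int leaked_after(int (*fn)(struct buf *, long, int), long ref_count, int change)
{
    struct buf b = { 1 };           /* constructed: one baseline reference */
    fn(&b, ref_count, change);
    return b.refs - 1;
}
```

Each call that takes the failure branch of the leaky shape leaves one extra reference outstanding, while the success path stays balanced, which is why this kind of defect tends to surface in review rather than in normal operation.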
Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.