Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's writeback mechanism for filesystems that do not guarantee data integrity during synchronization has been addressed. This issue primarily affects filesystems like FUSE. The vulnerability arose because the kernel would wait for writeback processes to complete, which is unnecessary for filesystems that cannot ensure data persistence. This behavior could lead to system hangs, particularly during suspend-to-RAM operations. The vulnerability has been resolved by introducing a superblock flag that allows the kernel to initiate writeback without waiting for it to finish, thereby preventing potential hangs.
The vulnerability could cause a system hang during suspend-to-RAM operations on FUSE filesystems, particularly with the overlayfs type, by improperly waiting for writeback processes to complete.
The vulnerability can be reproduced by using a FUSE filesystem, such as FUSE-overlayfs, and initiating a suspend-to-RAM operation. If the FUSE daemon is frozen or buggy, this will cause a hang, as the filesystem cannot process synchronous writeback requests under these conditions.
Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed.
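Until the upgraded kernel is in place, it helps to know which mounts on a host are FUSE-backed before it suspends. The following is an added example, not code from the advisory or the kernel project: the function names are hypothetical, the sample mount table is constructed, and it assumes any mount whose type is `fuse`, `fuseblk` or `fuse.<subtype>` is in scope.

```shell
#!/bin/sh
# Constructed sample in /proc/self/mounts format (not captured from a real host).
sample_mounts() {
    cat <<'EOF'
/dev/sda2 / ext4 rw,relatime 0 0
fusectl /sys/fs/fuse/connections fusectl rw,nosuid,nodev,noexec,relatime 0 0
fuse-overlayfs /home/u/.local/share/containers/storage/overlay/abc/merged fuse.fuse-overlayfs rw,nodev,noatime,user_id=1000,group_id=1000 0 0
user@host:/srv /mnt/my\040share fuse.sshfs rw,nosuid,nodev,relatime,user_id=1000,group_id=1000 0 0
/dev/sdb1 /media/usb fuseblk rw,nosuid,nodev,relatime,user_id=0,group_id=0,allow_other,blksize=4096 0 0
EOF
}

# Read a mount table on stdin and print "fstype<TAB>mountpoint" for each
# FUSE-backed mount. Fields are: device mountpoint fstype options dump pass.
# Spaces in mount points are stored as \040, so whitespace splitting is safe;
# the escape is left as-is in the output.
# fusectl is the FUSE control filesystem, not a userspace-served mount, so it
# is deliberately not matched.
list_fuse_mounts() {
    awk '$3 == "fuse" || $3 == "fuseblk" || $3 ~ /^fuse\./ { print $3 "\t" $2 }'
}

# Read a mount table on stdin. Return 0 when it has no FUSE mounts; otherwise
# report them with the running kernel release on stderr and return 1, so a
# pre-suspend hook or fleet audit can act on the result.
suspend_precheck() {
    found=$(list_fuse_mounts)
    if [ -n "$found" ]; then
        printf 'FUSE mounts present (kernel %s):\n%s\n' "$(uname -r)" "$found" >&2
        return 1
    fi
    return 0
}

# Demo on the constructed sample.
sample_mounts | list_fuse_mounts
```

On a live system, run `suspend_precheck < /proc/self/mounts` and compare the reported kernel release against the fixed version named by your distribution.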