Linux Kernel OCFS2 Reflink Attribute Cleanup Issue Vulnerability

A vulnerability exists in the Linux kernel's OCFS2 file system related to the handling of extended attribute (xattr) entries during a reflink operation. The issue arises because the cleanup process for preserved xattr entries does not correctly manage all scenarios. Specifically, the 'last' pointer needs to be adjusted after cleaning up an array entry, and the current logic fails to remove the first entry when the count is one. This vulnerability affects the Linux kernel stable group.

Impact

The vulnerability can lead to improper management of extended attributes in the OCFS2 file system, potentially causing data consistency issues or unexpected behavior during file operations that involve reflinked data.

Reproduction

To reproduce this vulnerability, perform a reflink operation on files within an OCFS2 file system that has extended attributes. After the operation, check the handling of the extended attributes, particularly looking for issues in the cleanup process of the xattr entries. The 'last' pointer should be manually adjusted after cleaning up an entry, and the first entry should be properly cleaned up when its count is one.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability. The specific commits that fix this issue can be downloaded as part of the Linux kernel source.