CVE-2024-43885 Information

Aug 27, 2024 cve

Description

In the Linux kernel the following vulnerability has been resolved:

btrfs: fix double inode unlock for direct IO sync writes

If we do a direct IO sync write at btrfs_sync_file() and we need to skip inode logging or we get an error starting a transaction or an error when flushing delalloc we end up unlocking the inode when we shouldn’t under the ‘out_release_extents’ label and then unlock it again at btrfs_direct_write().

Fix that by checking if we have to skip inode unlocking under that label.

Reference

https://git.kernel.org/stable/c/1a607d22dea4f60438747705495ec4d0af2ec451 https://git.kernel.org/stable/c/8bd4c9220416111500c275546c69c63d42185793 https://git.kernel.org/stable/c/7ba27f14161fc20c4fc0051658a22ddd832eb0aa https://git.kernel.org/stable/c/d924a0be2f218501588cf463d70f1c71afea06d9 https://git.kernel.org/stable/c/e0391e92f9ab4fb3dbdeb139c967dcfa7ac4b115

Share on: