PT-2023-9736 · Linux+3 · Linux Kernel+3

Published 2023-09-21 · Updated 2025-02-03 · CVE-2023-52759

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The issue arises when multiple quota changes are made, potentially leading to an inode's quota information being increased and then decreased. This can occur when blocks are added to a file and then deleted. If the timing is right, the do_qc function can add pending quota changes to a transaction, and a subsequent call can negate those changes, resulting in a net gain of 0. The quota change information is recorded in the qc buffer and the qd element of the inode. The buffer is added to the transaction by the first call to do_qc, but a subsequent call changes the value from non-zero back to zero. Later, when the quota sync code is called, the zero-change qd element is discovered and flagged as an assert warning. If the file system is mounted with errors=panic, the kernel will panic. This usually happens when files are truncated, and the quota changes are negated by punch hole/truncate, which uses gfs2_quota_hold and gfs2_quota_unhold rather than block allocations that use gfs2_quota_lock and gfs2_quota_unlock, which automatically do quota sync.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Assertion Failure


Weakness Enumeration

Related Identifiers

BDU:2024-10396
CVE-2023-52759
OESA-2024-1692
OESA-2024-1693
OESA-2024-1694
OPENSUSE-SU-2024_2189-1
SUSE-SU-2024:1979-1
SUSE-SU-2024:1983-1
SUSE-SU-2024:2008-1
SUSE-SU-2024:2011-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2184-1
SUSE-SU-2024:2189-1
SUSE-SU-2024:2190-1
SUSE-SU-2024:2571-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1

Affected Products

Astra Linux
Linux Kernel
RED OS
SUSE