David Alan Gilbert

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.9-rc4 Description: A flaw in the Linux kernel's XFS file system can cause a denial of service. The issue arises from a failure of the file system metadata validator, which can incorrectly flag an inode with a valid extended attribute as corrupt. This can lead to the filesystem being shut down or rendered inaccessible until it is remounted. The highest threat from this issue is to system availability. The vulnerability is related to an incorrect limitation of the buffer for downloaded data in the XFS file system implementation. Recommendations: For Linux kernel versions prior to 5.9-rc4, update to a version 5.9-rc4 or later to resolve the issue. At the moment, there is no information about additional mitigation measures for this vulnerability.