CVE-2022-48902

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.17-rc3

Description The vulnerability is related to the btrfs component of the Linux kernel and is associated with incorrect locking. When operating on a non-uptodate page, the assert eb page uptodate() function complains loudly. The issue arises when searching the commit root to cache the block group, allowing an extent buffer to be looked up that hasn't been written yet, leading to errors when trying to write that block out and clear Uptodate on the page. Normally, the tree lock provides some protection, but in cases where path->skip locking is set, this protection is bypassed. The fix involves checking for !Uptodate && !Error to prevent complaints when the buffer gets invalidated while in use.

Recommendations To resolve the issue, update the Linux kernel to version 5.17-rc3 or later. For versions prior to 5.17-rc3, consider applying the patch that fixes the btrfs: clear extent buffer uptodate when we fail to write it issue, and then implement the additional check for !Uptodate && !Error in the assert eb page uptodate() function to prevent unnecessary warnings.