CVE-2023-52897

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1

Description The vulnerability is related to the qgroup component in the Linux kernel, which is associated with resource management errors. Exploitation of this vulnerability can lead to a denial of service. The issue arises from the introduction of the NO ACCOUNTING flag, which can cause some qgroup records to be without a valid old roots ulist. Normally, this is fine, but during a qgroup rescan, the NO ACCOUNTING flag is cleared, and the current transaction is committed, triggering a WARN ON() during btrfs qgroup account extents().

Recommendations To resolve the issue, update the Linux kernel to a version that includes the fix for the qgroup vulnerability. Specifically, for Linux kernel versions prior to 6.1, update to version 6.1 or later. As a temporary workaround, consider disabling the btrfs qgroup account extents() function until a patch is available. Restrict access to the vulnerable btrfs qgroup rescan() module to minimize the risk of exploitation. Avoid using the old roots parameter in the affected API endpoint until the issue is resolved.