CVE-2022-48628

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc5-ceph-g72ead199864c

Description The issue arises when unmounting in the Linux kernel, specifically with the Ceph filesystem. During the unmount process, all dirty buffers are flushed, and after the last OSD request is finished, the last reference of the i count is released. The unmounting process then flushes the dirty cap/snap to MDSs without waiting for possible acknowledgments, which can lead to inodes being held when updating metadata locally. This results in the evict inodes() function skipping these inodes. If encryption is enabled, the kernel generates a warning when removing encryption keys from skipped inodes that still hold the keyring. Later, the kernel will crash when iput() is called on the inodes and dereferencing the "sb->s master keys", which has been released by the generic shutdown super() function.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.