CVE-2024-47669

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.10.9

Description A state management issue in the nilfs2 log writing function has been resolved. The problem occurred after a commit was applied, allowing the log writing function nilfs segctor do construct() to issue I/O requests continuously even if user data blocks were split into multiple logs across segments. However, two potential flaws were introduced in its error handling. If nilfs segctor begin construction() fails while creating the second or subsequent logs, the log writing function returns without calling nilfs segctor abort construction(), causing page cache operations to hang waiting for the writeback flag. Additionally, the NILFS I COLLECTED flag set on normal inodes remains uncleared, potentially corrupting the block mapping.

Recommendations To resolve the issue, upgrade the Linux kernel to a version newer than 6.10.9. As a temporary workaround, consider disabling the nilfs segctor do construct() function until a patch is available. Restrict access to the vulnerable nilfs2 module to minimize the risk of exploitation. Avoid using the NILFS I COLLECTED flag in the affected log writing function until the issue is resolved.