PT-2024-33854 · Linux+8 · Linux Kernel+8
Luis Henriques · Published 2024-10-21 · Updated 2026-05-26 · CVE-2024-50014
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 6.10.0+
Description:
A problem was fixed in the Linux kernel involving a bug in the ext4 fast-commit replay path. This issue can be triggered with fstest generic/629 on a filesystem with the fast-commit feature enabled, resulting in a kernel trace. The code attempts to lock an uninitialized spinlock, sbi->s_bdev_wb_lock, in the ext4_check_bdev_write_error() function. Moving the initialization of this spinlock to an earlier point in ext4_fill_super() fixes the issue.
Recommendations:
To resolve the issue, update the Linux kernel to a version that includes the fix for the uninitialized lock in the ext4 fast-commit replay path.
As a temporary workaround, consider disabling the fast-commit feature on affected filesystems until a patch is available.
Restrict access to the vulnerable ext4_check_bdev_write_error() function to minimize the risk of exploitation.
Exploit
Fix
DoS
Use of Uninitialized Resource
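For the fast-commit workaround in the recommendations, a check of which mounted ext4 filesystems have the feature enabled. This is an added example, not part of the advisory: it assumes e2fsprogs (dumpe2fs) is installed, that the feature is listed as fast_commit on the "Filesystem features:" line, and root access to read the block devices; the function names and the sample header are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): list mounted ext4 filesystems and
# whether the fast_commit feature is set in their superblock.

# Succeeds if the superblock header on stdin (dumpe2fs -h / tune2fs -l output)
# lists fast_commit on its "Filesystem features:" line.
has_fast_commit() {
    awk -F: '
        /^Filesystem features:/ {
            n = split($2, feat, " ")
            for (i = 1; i <= n; i++) if (feat[i] == "fast_commit") found = 1
        }
        END { exit(found ? 0 : 1) }'
}

# Walk a mounts table (default /proc/mounts) and print one line per ext4 mount.
audit_ext4_fast_commit() {
    mounts="${1:-/proc/mounts}"
    while read -r dev mnt fstype _rest; do
        [ "$fstype" = "ext4" ] || continue
        if ! hdr=$(dumpe2fs -h "$dev" 2>/dev/null); then
            # Unreadable device (usually: not root). Do not report it as safe.
            echo "UNKNOWN  $dev on $mnt"
            continue
        fi
        if printf '%s\n' "$hdr" | has_fast_commit; then
            echo "ENABLED  $dev on $mnt"
        else
            echo "disabled $dev on $mnt"
        fi
    done < "$mounts"
}

# Constructed sample header (not captured from a real system) for a dry run.
SAMPLE_HEADER='Filesystem volume name:   <none>
Filesystem features:      has_journal ext_attr dir_index fast_commit filetype extent
Filesystem state:         clean'

case "${1:-}" in
    --audit)  audit_ext4_fast_commit ;;
    --sample) printf '%s\n' "$SAMPLE_HEADER" | has_fast_commit && echo "sample: ENABLED" ;;
esac
```

The output reflects only the on-disk feature flag; whether the running kernel already carries the fix has to be checked separately.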
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu