CVE-2024-50229

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.61

Description: A potential deadlock issue has been identified in the Linux kernel, specifically in the nilfs2 filesystem. This issue arises when creating new symlinks using the nilfs symlink() function, which can trigger memory reclamation involving the filesystem layer. This may result in circular lock dependencies among the reader/writer semaphore nilfs->ns segctor sem, s writers percpu rwsem (intwrite), and the fs reclaim pseudo lock. The issue occurs because the gfp flags of the page cache for symbolic links are overwritten to GFP KERNEL via inode nohighmem(). To fix this issue, the GFP FS flag is dropped from the page cache GFP flags of newly created symlinks.

Recommendations: For Linux kernel versions prior to 6.6.61, update to version 6.6.61 or later to resolve the issue. As a temporary workaround, consider dropping the GFP FS flag from the page cache GFP flags of newly created symlinks in the same way that nilfs new inode() and nilfs read inode() do.