PT-2024-35665 · Linux+4 · Linux Kernel+4
Long Li · Published 2024-11-05 · Updated 2026-05-26 · CVE-2024-53218
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to the fixed version
Description
A race condition exists in the Linux kernel's f2fs file system, specifically in the f2fs_stop_gc_thread() function. This issue arises when concurrent calls are made to shut down the f2fs file system, leading to a general protection fault. The root cause is a race condition between different shutdown paths, resulting in a use-after-free error. The commit c7f114d864ac attempted to fix this issue but failed to prevent all race conditions. The fix involves converting to a write lock of s_umount in f2fs_do_shutdown().
Recommendations
To resolve this issue, update the Linux kernel to a version that includes the fix for the race condition in f2fs_stop_gc_thread(). As a temporary workaround, consider disabling the f2fs_stop_gc_thread() function until a patch is available. Restrict access to the f2fs_do_shutdown() function to minimize the risk of exploitation. Avoid using the gc_th variable in the affected shutdown paths until the issue is resolved.
Exploit
Fix
Use After Free
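Why the write lock of s_umount closes the race from the Description, shown as an added user-space model (not kernel code and not the upstream patch). It assumes each shutdown path reads gc_th, tears it down and clears it while holding s_umount, and that the earlier attempt held the lock in shared (read) mode; the structs, the toy lock and teardown_count() are hypothetical names for this illustration.

```c
#include <stdio.h>

/* User-space model only: names echo the advisory, the logic is simplified. */
struct gc_kthread { int stop_calls; };      /* stands in for the GC thread state */
struct sb_model {
    int readers, writer;                    /* toy model of the s_umount rw lock */
    struct gc_kthread *gc_th;               /* pointer both shutdown paths tear down */
};
struct path { int step; struct gc_kthread *seen; };   /* one shutdown caller */

static int try_lock(struct sb_model *sb, int exclusive) {
    if (sb->writer || (exclusive && sb->readers)) return 0;   /* would block */
    if (exclusive) sb->writer = 1; else sb->readers++;
    return 1;
}
static void unlock(struct sb_model *sb, int exclusive) {
    if (exclusive) sb->writer = 0; else sb->readers--;
}

/* Advance one shutdown path by a single step; returns 1 once it has finished. */
static int run_step(struct sb_model *sb, struct path *p, int exclusive) {
    switch (p->step) {
    case 0: if (try_lock(sb, exclusive)) p->step++; return 0;  /* take s_umount */
    case 1: p->seen = sb->gc_th; p->step++; return 0;          /* read gc_th */
    case 2: if (p->seen) { p->seen->stop_calls++; sb->gc_th = NULL; } /* stop + "free" */
            p->step++; return 0;
    case 3: unlock(sb, exclusive); p->step++; return 1;        /* drop s_umount */
    }
    return 1;
}

/* Interleave two callers round-robin; count teardowns of the same object.
 * In the kernel the second teardown would touch freed memory; here it only counts. */
int teardown_count(int exclusive) {
    struct gc_kthread gc = {0};
    struct sb_model sb = {0, 0, &gc};
    struct path a = {0, NULL}, b = {0, NULL};
    int done_a = 0, done_b = 0;
    while (!done_a || !done_b) {
        if (!done_a) done_a = run_step(&sb, &a, exclusive);
        if (!done_b) done_b = run_step(&sb, &b, exclusive);
    }
    return gc.stop_calls;
}

int main(void) {
    printf("shared lock:    %d teardown(s)\n", teardown_count(0));
    printf("exclusive lock: %d teardown(s)\n", teardown_count(1));
    return 0;
}
```

With the shared lock both callers observe the same non-NULL gc_th before either clears it; with the exclusive lock the second caller only runs after the pointer is already NULL and skips the teardown.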
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Debian
Linuxmint
Linux Kernel
Ubuntu