CVE-2023-54068

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the f2fs compression functionality. A bug in the handling of page writebacks in f2fs write raw pages() can lead to a kernel panic (BUG ON()) when files are written concurrently. This occurs because the same page can be written back multiple times without proper synchronization. The issue was introduced by a previous commit and arises from releasing pagelocks without checking the page's writeback state. The vulnerability is triggered when multiple processes attempt to write to the same page simultaneously, leading to a race condition. The functions involved include f2fs write raw pages(), f2fs do write data page(), generic perform write(), f2fs write begin(), f2fs write end(), and folio end writeback(). The wait for stable page() function is also relevant in the process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.